CVSS 9.9-Rated Samba Bug Requires Immediate Patching
A critical vulnerability in a popular open-source networking protocol could allow attackers to execute code with root privileges unless patched, experts have warned.
Samba is a popular free implementation of the SMB protocol, allowing Linux, Windows and Mac users to share files across a network.
However, a newly discovered critical vulnerability (CVE-2021-44142) in the software has been given a CVSS score of 9.9, making it one of the most dangerous bugs discovered in recent years. Log4Shell was given only a slightly higher score of 10.0.
“All versions of Samba prior to 4.13.17 are vulnerable to an out-of-bounds heap read-write vulnerability that allows remote attackers to execute arbitrary code as root on affected Samba installations that use the VFS module vfs_fruit,” Samba explained.
“The specific flaw exists within the parsing of EA metadata when opening files in smbd. Access as a user that has write access to a file’s extended attributes is required to exploit this vulnerability. Note that this could be a guest or unauthenticated user if such users are allowed write access to file extended attributes.”
Patches have been released, and Samba updates 4.13.17, 4.14.12 and 4.15.5 have been issued to fix the problem, with