What is Samba?
Samba is an open-source re-implementation of the Server Message Block (SMB) protocol, providing file and print services to Windows, macOS and Linux/Unix clients.
Vulnerability
CVE-2021-44142 is an out-of-bounds heap read/write in the vfs_fruit VFS module, which Samba loads to provide Apple SMB extensions and interoperability with macOS clients. It affects all versions of Samba prior to 4.13.17. The flaw is reachable in the module's default configuration (fruit:metadata = netatalk or fruit:resource = file); shares that set both options to other values are not affected. Exploitation requires write access to a file's extended attributes, and depending on how share permissions are set this can include guest or unauthenticated users. Because smbd runs as root, a user who can write those extended attributes can execute arbitrary code on the affected host as root. At the time of writing, no exploitation in the wild had been reported, but security researchers expect it to be exploited soon.
CVSS Score
9.9 (CVSS v3.1 base score)
Remediation
Samba versions 4.13.17, 4.14.12 and 4.15.5 have been released to remediate the vulnerability. Administrators are advised to upgrade to these versions or apply the corresponding patches as soon as possible. Distributions and appliance vendors that ship Samba may release their own patches, often backported without changing the reported version number, so check the vendor's advisory rather than relying on the version string alone. For further information about Samba vendors please see the following:
https://www.samba.org/samba/vendors/
Mitigation
If Samba is exposed to the internet, block SMB (TCP 445, and TCP 139 for NetBIOS session service) at the perimeter firewall immediately. Samba should never be reachable from the internet.
If the upgrades or patches cannot be applied, Samba recommends removing the "fruit" VFS module from the list of configured VFS objects in every "vfs objects" line in the Samba configuration smb.conf.
Note: Removing the module makes the macOS metadata it stored (resource forks and Finder information) inaccessible, so to macOS clients that information will appear to be lost. The same applies to the alternative workaround of changing fruit:metadata and fruit:resource away from the affected settings.
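As an added example (not code from the Samba project or from either linked article), the following POSIX shell helpers turn the remediation and mitigation checks above into something that can be run on a host: one compares a Samba version string against the first fixed release on each branch (4.13.17, 4.14.12 and 4.15.5, with anything older than 4.13.17 treated as affected), the other lists the smb.conf sections whose "vfs objects" line still loads fruit. The function names are my own, the sample smb.conf is constructed for the demonstration, and the version check is only a heuristic because distributions often backport the fix without changing the version string.

```shell
#!/bin/sh
# Added example, not part of Samba or the advisory. Two helpers for
# auditing a host against CVE-2021-44142 (function names are hypothetical):
#   samba_version_vulnerable  version string vs. first fixed release per branch
#   fruit_shares              smb.conf sections still loading the fruit module

# Usage: samba_version_vulnerable "4.14.10-Ubuntu"   (exit 0 = vulnerable)
# Accepts the raw "Version x.y.z-vendor" line printed by "smbd --version".
# Expects at least major.minor; returns 2 for unparseable input.
samba_version_vulnerable() {
    v=${1#"Version "}
    v=${v%%[!0-9.]*}              # drop vendor suffixes such as "-Ubuntu"
    major=${v%%.*}
    minor=${v#*.}; minor=${minor%%.*}
    case "$v" in
        *.*.*) patch=${v#*.*.}; patch=${patch%%.*} ;;
        *)     patch=0 ;;
    esac
    case "$major$minor" in ''|*[!0-9]*) return 2 ;; esac
    case "$major.$minor" in
        4.13) [ "$patch" -lt 17 ] ;;
        4.14) [ "$patch" -lt 12 ] ;;
        4.15) [ "$patch" -lt 5 ] ;;
        # every branch before 4.13 is affected; 4.16+ shipped after the fix
        *)    [ "$major" -lt 4 ] || { [ "$major" -eq 4 ] && [ "$minor" -lt 13 ]; } ;;
    esac
}

# Usage: fruit_shares /etc/samba/smb.conf    or    testparm -s | fruit_shares
# Prints each section whose "vfs objects" list contains "fruit". A hit in
# [global] is inherited by every share without its own "vfs objects" line.
fruit_shares() {
    awk '
        /^[[:space:]]*\[/ {
            section = $0
            sub(/^[[:space:]]*\[/, "", section); sub(/].*$/, "", section)
            next
        }
        tolower($0) ~ /^[[:space:]]*vfs[[:space:]]*objects[[:space:]]*=/ {
            sub(/^[^=]*=/, "")
            n = split($0, mods, /[[:space:],]+/)
            for (i = 1; i <= n; i++)
                if (mods[i] == "fruit") { print section; break }
        }
    ' "$@"
}

# Constructed smb.conf for the demonstration: two shares still load fruit,
# one has had it removed as the advisory's workaround describes.
write_sample_conf() {
    cat > "$1" <<'EOF'
[global]
   workgroup = WORKGROUP
   server role = standalone server

[macshare]
   path = /srv/macshare
   vfs objects = catia fruit streams_xattr
   fruit:metadata = netatalk

[timemachine]
   path = /srv/timemachine
   vfs objects = fruit streams_xattr
   fruit:time machine = yes

[plainshare]
   path = /srv/plain
   ; "fruit" removed per the advisory workaround; macOS clients will no
   ; longer see the metadata it stored on this share
   vfs objects = catia streams_xattr
EOF
}

# Check the installed smbd and the effective configuration of this host.
audit_live_host() {
    ver=$(smbd --version 2>/dev/null) || { echo "smbd not found"; return 1; }
    if samba_version_vulnerable "$ver"; then
        echo "VULNERABLE by version string: $ver"
    else
        echo "version string looks fixed: $ver (vendor backports may differ)"
    fi
    echo "sections still loading vfs_fruit:"
    testparm -s 2>/dev/null | fruit_shares
}

if [ "${1-}" = "--live" ]; then
    audit_live_host
fi
```

Run the script with --live to check the installed smbd and its effective configuration; testparm -s is used rather than reading smb.conf directly because it expands include directives and normalises parameter names. A "fruit" entry under [global] means every share that does not override "vfs objects" still loads the module.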
Trend Micro article: https://www.trendmicro.com/en_us/research/22/b/the-samba-vulnerability-what-is-cve-2021-44142-and-how-to-fix-it.html
Samba security advisory for CVE-2021-44142: https://www.samba.org/samba/security/CVE-2021-44142.html
