VAR-202201-0295
Vulnerability from variot - Updated: 2025-12-22 21:11The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root. Authentication is not required to exploit this vulnerability.The specific flaw exists within the handling of AppleDouble entries. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer.
For details on migrating Samba/CTDB configuration files, refer to:
https://access.redhat.com/solutions/4311261
-
Gentoo Linux Security Advisory GLSA 202309-06
https://security.gentoo.org/
Severity: High Title: Samba: Multiple Vulnerabilities Date: September 17, 2023 Bugs: #820566, #821688, #830983, #832433, #861512, #866225, #869122, #878273, #880437, #886153, #903621, #905320, #910334 ID: 202309-06
Synopsis
Multiple vulnerabilities have been discovered in Samba, the worst of which could result in root remote code execution.
Background
Samba is a suite of SMB and CIFS client/server programs.
Affected packages
Package Vulnerable Unaffected
net-fs/samba < 4.18.4 >= 4.18.4
Description
Multiple vulnerabilities have been discovered in Samba. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All Samba users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-fs/samba-4.18.4"
References
[ 1 ] CVE-2007-4559 https://nvd.nist.gov/vuln/detail/CVE-2007-4559 [ 2 ] CVE-2016-2124 https://nvd.nist.gov/vuln/detail/CVE-2016-2124 [ 3 ] CVE-2020-17049 https://nvd.nist.gov/vuln/detail/CVE-2020-17049 [ 4 ] CVE-2020-25717 https://nvd.nist.gov/vuln/detail/CVE-2020-25717 [ 5 ] CVE-2020-25718 https://nvd.nist.gov/vuln/detail/CVE-2020-25718 [ 6 ] CVE-2020-25719 https://nvd.nist.gov/vuln/detail/CVE-2020-25719 [ 7 ] CVE-2020-25721 https://nvd.nist.gov/vuln/detail/CVE-2020-25721 [ 8 ] CVE-2020-25722 https://nvd.nist.gov/vuln/detail/CVE-2020-25722 [ 9 ] CVE-2021-3670 https://nvd.nist.gov/vuln/detail/CVE-2021-3670 [ 10 ] CVE-2021-3738 https://nvd.nist.gov/vuln/detail/CVE-2021-3738 [ 11 ] CVE-2021-20251 https://nvd.nist.gov/vuln/detail/CVE-2021-20251 [ 12 ] CVE-2021-20316 https://nvd.nist.gov/vuln/detail/CVE-2021-20316 [ 13 ] CVE-2021-23192 https://nvd.nist.gov/vuln/detail/CVE-2021-23192 [ 14 ] CVE-2021-44141 https://nvd.nist.gov/vuln/detail/CVE-2021-44141 [ 15 ] CVE-2021-44142 https://nvd.nist.gov/vuln/detail/CVE-2021-44142 [ 16 ] CVE-2022-0336 https://nvd.nist.gov/vuln/detail/CVE-2022-0336 [ 17 ] CVE-2022-1615 https://nvd.nist.gov/vuln/detail/CVE-2022-1615 [ 18 ] CVE-2022-2031 https://nvd.nist.gov/vuln/detail/CVE-2022-2031 [ 19 ] CVE-2022-3437 https://nvd.nist.gov/vuln/detail/CVE-2022-3437 [ 20 ] CVE-2022-3592 https://nvd.nist.gov/vuln/detail/CVE-2022-3592 [ 21 ] CVE-2022-32742 https://nvd.nist.gov/vuln/detail/CVE-2022-32742 [ 22 ] CVE-2022-32743 https://nvd.nist.gov/vuln/detail/CVE-2022-32743 [ 23 ] CVE-2022-32744 https://nvd.nist.gov/vuln/detail/CVE-2022-32744 [ 24 ] CVE-2022-32745 https://nvd.nist.gov/vuln/detail/CVE-2022-32745 [ 25 ] CVE-2022-32746 https://nvd.nist.gov/vuln/detail/CVE-2022-32746 [ 26 ] CVE-2022-37966 https://nvd.nist.gov/vuln/detail/CVE-2022-37966 [ 27 ] CVE-2022-37967 https://nvd.nist.gov/vuln/detail/CVE-2022-37967 [ 28 ] CVE-2022-38023 https://nvd.nist.gov/vuln/detail/CVE-2022-38023 [ 29 ] CVE-2022-42898 https://nvd.nist.gov/vuln/detail/CVE-2022-42898 [ 30 ] CVE-2022-45141 https://nvd.nist.gov/vuln/detail/CVE-2022-45141 [ 31 ] CVE-2023-0225 https://nvd.nist.gov/vuln/detail/CVE-2023-0225 [ 32 ] CVE-2023-0614 https://nvd.nist.gov/vuln/detail/CVE-2023-0614 [ 33 ] CVE-2023-0922 https://nvd.nist.gov/vuln/detail/CVE-2023-0922
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202309-06
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2023 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5 . ========================================================================= Ubuntu Security Notice USN-5260-3 February 03, 2022
samba vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM
Summary:
Samba could be made to crash when handled certain memory operations.
Software Description: - samba: SMB/CIFS file, print, and login server for Unix
Details:
USN-5260-1 fixed a vulnerability in Samba. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Orange Tsai discovered that the Samba vfs_fruit module incorrectly handled certain memory operations. (CVE-2021-44142)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 ESM: samba 2:4.3.11+dfsg-0ubuntu0.16.04.34+esm1
Ubuntu 14.04 ESM: samba 2:4.3.11+dfsg-0ubuntu0.14.04.20+esm12
This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Critical: samba security and bug fix update Advisory ID: RHSA-2022:0328-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:0328 Issue date: 2022-01-31 CVE Names: CVE-2021-44142 ==================================================================== 1. Summary:
An update for samba is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Resilient Storage (v. 7) - ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64
- Description:
Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.
Security Fix(es):
- samba: Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution (CVE-2021-44142)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
-
Fix CVE-2020-25717 username map [script] advice (BZ#2034800)
-
Fix Kerberos authentication on standalone server with MIT realm (BZ#2036595)
-
Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the smb service will be restarted automatically.
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: samba-4.10.16-18.el7_9.src.rpm
noarch: samba-common-4.10.16-18.el7_9.noarch.rpm
x86_64: libsmbclient-4.10.16-18.el7_9.i686.rpm libsmbclient-4.10.16-18.el7_9.x86_64.rpm libwbclient-4.10.16-18.el7_9.i686.rpm libwbclient-4.10.16-18.el7_9.x86_64.rpm samba-client-4.10.16-18.el7_9.x86_64.rpm samba-client-libs-4.10.16-18.el7_9.i686.rpm samba-client-libs-4.10.16-18.el7_9.x86_64.rpm samba-common-libs-4.10.16-18.el7_9.i686.rpm samba-common-libs-4.10.16-18.el7_9.x86_64.rpm samba-common-tools-4.10.16-18.el7_9.x86_64.rpm samba-debuginfo-4.10.16-18.el7_9.i686.rpm samba-debuginfo-4.10.16-18.el7_9.x86_64.rpm samba-krb5-printing-4.10.16-18.el7_9.x86_64.rpm samba-libs-4.10.16-18.el7_9.i686.rpm samba-libs-4.10.16-18.el7_9.x86_64.rpm samba-winbind-4.10.16-18.el7_9.x86_64.rpm samba-winbind-clients-4.10.16-18.el7_9.x86_64.rpm samba-winbind-modules-4.10.16-18.el7_9.i686.rpm samba-winbind-modules-4.10.16-18.el7_9.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
noarch: samba-pidl-4.10.16-18.el7_9.noarch.rpm
x86_64: libsmbclient-devel-4.10.16-18.el7_9.i686.rpm libsmbclient-devel-4.10.16-18.el7_9.x86_64.rpm libwbclient-devel-4.10.16-18.el7_9.i686.rpm libwbclient-devel-4.10.16-18.el7_9.x86_64.rpm samba-4.10.16-18.el7_9.x86_64.rpm samba-dc-4.10.16-18.el7_9.x86_64.rpm samba-dc-libs-4.10.16-18.el7_9.x86_64.rpm samba-debuginfo-4.10.16-18.el7_9.i686.rpm samba-debuginfo-4.10.16-18.el7_9.x86_64.rpm samba-devel-4.10.16-18.el7_9.i686.rpm samba-devel-4.10.16-18.el7_9.x86_64.rpm samba-python-4.10.16-18.el7_9.i686.rpm samba-python-4.10.16-18.el7_9.x86_64.rpm samba-python-test-4.10.16-18.el7_9.x86_64.rpm samba-test-4.10.16-18.el7_9.x86_64.rpm samba-test-libs-4.10.16-18.el7_9.i686.rpm samba-test-libs-4.10.16-18.el7_9.x86_64.rpm samba-vfs-glusterfs-4.10.16-18.el7_9.x86_64.rpm samba-winbind-krb5-locator-4.10.16-18.el7_9.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: samba-4.10.16-18.el7_9.src.rpm
noarch: samba-common-4.10.16-18.el7_9.noarch.rpm
x86_64: libsmbclient-4.10.16-18.el7_9.i686.rpm libsmbclient-4.10.16-18.el7_9.x86_64.rpm libwbclient-4.10.16-18.el7_9.i686.rpm libwbclient-4.10.16-18.el7_9.x86_64.rpm samba-client-4.10.16-18.el7_9.x86_64.rpm samba-client-libs-4.10.16-18.el7_9.i686.rpm samba-client-libs-4.10.16-18.el7_9.x86_64.rpm samba-common-libs-4.10.16-18.el7_9.i686.rpm samba-common-libs-4.10.16-18.el7_9.x86_64.rpm samba-common-tools-4.10.16-18.el7_9.x86_64.rpm samba-debuginfo-4.10.16-18.el7_9.i686.rpm samba-debuginfo-4.10.16-18.el7_9.x86_64.rpm samba-libs-4.10.16-18.el7_9.i686.rpm samba-libs-4.10.16-18.el7_9.x86_64.rpm samba-winbind-4.10.16-18.el7_9.x86_64.rpm samba-winbind-clients-4.10.16-18.el7_9.x86_64.rpm samba-winbind-modules-4.10.16-18.el7_9.i686.rpm samba-winbind-modules-4.10.16-18.el7_9.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
noarch: samba-pidl-4.10.16-18.el7_9.noarch.rpm
x86_64: libsmbclient-devel-4.10.16-18.el7_9.i686.rpm libsmbclient-devel-4.10.16-18.el7_9.x86_64.rpm libwbclient-devel-4.10.16-18.el7_9.i686.rpm libwbclient-devel-4.10.16-18.el7_9.x86_64.rpm samba-4.10.16-18.el7_9.x86_64.rpm samba-dc-4.10.16-18.el7_9.x86_64.rpm samba-dc-libs-4.10.16-18.el7_9.x86_64.rpm samba-debuginfo-4.10.16-18.el7_9.i686.rpm samba-debuginfo-4.10.16-18.el7_9.x86_64.rpm samba-devel-4.10.16-18.el7_9.i686.rpm samba-devel-4.10.16-18.el7_9.x86_64.rpm samba-krb5-printing-4.10.16-18.el7_9.x86_64.rpm samba-python-4.10.16-18.el7_9.i686.rpm samba-python-4.10.16-18.el7_9.x86_64.rpm samba-python-test-4.10.16-18.el7_9.x86_64.rpm samba-test-4.10.16-18.el7_9.x86_64.rpm samba-test-libs-4.10.16-18.el7_9.i686.rpm samba-test-libs-4.10.16-18.el7_9.x86_64.rpm samba-vfs-glusterfs-4.10.16-18.el7_9.x86_64.rpm samba-winbind-krb5-locator-4.10.16-18.el7_9.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: samba-4.10.16-18.el7_9.src.rpm
noarch: samba-common-4.10.16-18.el7_9.noarch.rpm
ppc64: libsmbclient-4.10.16-18.el7_9.ppc.rpm libsmbclient-4.10.16-18.el7_9.ppc64.rpm libwbclient-4.10.16-18.el7_9.ppc.rpm libwbclient-4.10.16-18.el7_9.ppc64.rpm samba-4.10.16-18.el7_9.ppc64.rpm samba-client-4.10.16-18.el7_9.ppc64.rpm samba-client-libs-4.10.16-18.el7_9.ppc.rpm samba-client-libs-4.10.16-18.el7_9.ppc64.rpm samba-common-libs-4.10.16-18.el7_9.ppc.rpm samba-common-libs-4.10.16-18.el7_9.ppc64.rpm samba-common-tools-4.10.16-18.el7_9.ppc64.rpm samba-debuginfo-4.10.16-18.el7_9.ppc.rpm samba-debuginfo-4.10.16-18.el7_9.ppc64.rpm samba-krb5-printing-4.10.16-18.el7_9.ppc64.rpm samba-libs-4.10.16-18.el7_9.ppc.rpm samba-libs-4.10.16-18.el7_9.ppc64.rpm samba-winbind-4.10.16-18.el7_9.ppc64.rpm samba-winbind-clients-4.10.16-18.el7_9.ppc64.rpm samba-winbind-modules-4.10.16-18.el7_9.ppc.rpm samba-winbind-modules-4.10.16-18.el7_9.ppc64.rpm
ppc64le: libsmbclient-4.10.16-18.el7_9.ppc64le.rpm libwbclient-4.10.16-18.el7_9.ppc64le.rpm samba-4.10.16-18.el7_9.ppc64le.rpm samba-client-4.10.16-18.el7_9.ppc64le.rpm samba-client-libs-4.10.16-18.el7_9.ppc64le.rpm samba-common-libs-4.10.16-18.el7_9.ppc64le.rpm samba-common-tools-4.10.16-18.el7_9.ppc64le.rpm samba-debuginfo-4.10.16-18.el7_9.ppc64le.rpm samba-krb5-printing-4.10.16-18.el7_9.ppc64le.rpm samba-libs-4.10.16-18.el7_9.ppc64le.rpm samba-winbind-4.10.16-18.el7_9.ppc64le.rpm samba-winbind-clients-4.10.16-18.el7_9.ppc64le.rpm samba-winbind-modules-4.10.16-18.el7_9.ppc64le.rpm
s390x: libsmbclient-4.10.16-18.el7_9.s390.rpm libsmbclient-4.10.16-18.el7_9.s390x.rpm libwbclient-4.10.16-18.el7_9.s390.rpm libwbclient-4.10.16-18.el7_9.s390x.rpm samba-4.10.16-18.el7_9.s390x.rpm samba-client-4.10.16-18.el7_9.s390x.rpm samba-client-libs-4.10.16-18.el7_9.s390.rpm samba-client-libs-4.10.16-18.el7_9.s390x.rpm samba-common-libs-4.10.16-18.el7_9.s390.rpm samba-common-libs-4.10.16-18.el7_9.s390x.rpm samba-common-tools-4.10.16-18.el7_9.s390x.rpm samba-debuginfo-4.10.16-18.el7_9.s390.rpm samba-debuginfo-4.10.16-18.el7_9.s390x.rpm samba-krb5-printing-4.10.16-18.el7_9.s390x.rpm samba-libs-4.10.16-18.el7_9.s390.rpm samba-libs-4.10.16-18.el7_9.s390x.rpm samba-winbind-4.10.16-18.el7_9.s390x.rpm samba-winbind-clients-4.10.16-18.el7_9.s390x.rpm samba-winbind-modules-4.10.16-18.el7_9.s390.rpm samba-winbind-modules-4.10.16-18.el7_9.s390x.rpm
x86_64: libsmbclient-4.10.16-18.el7_9.i686.rpm libsmbclient-4.10.16-18.el7_9.x86_64.rpm libwbclient-4.10.16-18.el7_9.i686.rpm libwbclient-4.10.16-18.el7_9.x86_64.rpm samba-4.10.16-18.el7_9.x86_64.rpm samba-client-4.10.16-18.el7_9.x86_64.rpm samba-client-libs-4.10.16-18.el7_9.i686.rpm samba-client-libs-4.10.16-18.el7_9.x86_64.rpm samba-common-libs-4.10.16-18.el7_9.i686.rpm samba-common-libs-4.10.16-18.el7_9.x86_64.rpm samba-common-tools-4.10.16-18.el7_9.x86_64.rpm samba-debuginfo-4.10.16-18.el7_9.i686.rpm samba-debuginfo-4.10.16-18.el7_9.x86_64.rpm samba-krb5-printing-4.10.16-18.el7_9.x86_64.rpm samba-libs-4.10.16-18.el7_9.i686.rpm samba-libs-4.10.16-18.el7_9.x86_64.rpm samba-python-4.10.16-18.el7_9.i686.rpm samba-python-4.10.16-18.el7_9.x86_64.rpm samba-winbind-4.10.16-18.el7_9.x86_64.rpm samba-winbind-clients-4.10.16-18.el7_9.x86_64.rpm samba-winbind-modules-4.10.16-18.el7_9.i686.rpm samba-winbind-modules-4.10.16-18.el7_9.x86_64.rpm
Red Hat Enterprise Linux Server Resilient Storage (v. 7):
ppc64le: ctdb-4.10.16-18.el7_9.ppc64le.rpm ctdb-tests-4.10.16-18.el7_9.ppc64le.rpm samba-debuginfo-4.10.16-18.el7_9.ppc64le.rpm
s390x: ctdb-4.10.16-18.el7_9.s390x.rpm ctdb-tests-4.10.16-18.el7_9.s390x.rpm samba-debuginfo-4.10.16-18.el7_9.s390x.rpm
x86_64: ctdb-4.10.16-18.el7_9.x86_64.rpm ctdb-tests-4.10.16-18.el7_9.x86_64.rpm samba-debuginfo-4.10.16-18.el7_9.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
noarch: samba-pidl-4.10.16-18.el7_9.noarch.rpm
ppc64: libsmbclient-devel-4.10.16-18.el7_9.ppc.rpm libsmbclient-devel-4.10.16-18.el7_9.ppc64.rpm libwbclient-devel-4.10.16-18.el7_9.ppc.rpm libwbclient-devel-4.10.16-18.el7_9.ppc64.rpm samba-dc-4.10.16-18.el7_9.ppc64.rpm samba-dc-libs-4.10.16-18.el7_9.ppc64.rpm samba-debuginfo-4.10.16-18.el7_9.ppc.rpm samba-debuginfo-4.10.16-18.el7_9.ppc64.rpm samba-devel-4.10.16-18.el7_9.ppc.rpm samba-devel-4.10.16-18.el7_9.ppc64.rpm samba-python-4.10.16-18.el7_9.ppc.rpm samba-python-4.10.16-18.el7_9.ppc64.rpm samba-python-test-4.10.16-18.el7_9.ppc64.rpm samba-test-4.10.16-18.el7_9.ppc64.rpm samba-test-libs-4.10.16-18.el7_9.ppc.rpm samba-test-libs-4.10.16-18.el7_9.ppc64.rpm samba-winbind-krb5-locator-4.10.16-18.el7_9.ppc64.rpm
ppc64le: libsmbclient-devel-4.10.16-18.el7_9.ppc64le.rpm libwbclient-devel-4.10.16-18.el7_9.ppc64le.rpm samba-dc-4.10.16-18.el7_9.ppc64le.rpm samba-dc-libs-4.10.16-18.el7_9.ppc64le.rpm samba-debuginfo-4.10.16-18.el7_9.ppc64le.rpm samba-devel-4.10.16-18.el7_9.ppc64le.rpm samba-python-4.10.16-18.el7_9.ppc64le.rpm samba-python-test-4.10.16-18.el7_9.ppc64le.rpm samba-test-4.10.16-18.el7_9.ppc64le.rpm samba-test-libs-4.10.16-18.el7_9.ppc64le.rpm samba-winbind-krb5-locator-4.10.16-18.el7_9.ppc64le.rpm
s390x: libsmbclient-devel-4.10.16-18.el7_9.s390.rpm libsmbclient-devel-4.10.16-18.el7_9.s390x.rpm libwbclient-devel-4.10.16-18.el7_9.s390.rpm libwbclient-devel-4.10.16-18.el7_9.s390x.rpm samba-dc-4.10.16-18.el7_9.s390x.rpm samba-dc-libs-4.10.16-18.el7_9.s390x.rpm samba-debuginfo-4.10.16-18.el7_9.s390.rpm samba-debuginfo-4.10.16-18.el7_9.s390x.rpm samba-devel-4.10.16-18.el7_9.s390.rpm samba-devel-4.10.16-18.el7_9.s390x.rpm samba-python-4.10.16-18.el7_9.s390.rpm samba-python-4.10.16-18.el7_9.s390x.rpm samba-python-test-4.10.16-18.el7_9.s390x.rpm samba-test-4.10.16-18.el7_9.s390x.rpm samba-test-libs-4.10.16-18.el7_9.s390.rpm samba-test-libs-4.10.16-18.el7_9.s390x.rpm samba-winbind-krb5-locator-4.10.16-18.el7_9.s390x.rpm
x86_64: libsmbclient-devel-4.10.16-18.el7_9.i686.rpm libsmbclient-devel-4.10.16-18.el7_9.x86_64.rpm libwbclient-devel-4.10.16-18.el7_9.i686.rpm libwbclient-devel-4.10.16-18.el7_9.x86_64.rpm samba-dc-4.10.16-18.el7_9.x86_64.rpm samba-dc-libs-4.10.16-18.el7_9.x86_64.rpm samba-debuginfo-4.10.16-18.el7_9.i686.rpm samba-debuginfo-4.10.16-18.el7_9.x86_64.rpm samba-devel-4.10.16-18.el7_9.i686.rpm samba-devel-4.10.16-18.el7_9.x86_64.rpm samba-python-test-4.10.16-18.el7_9.x86_64.rpm samba-test-4.10.16-18.el7_9.x86_64.rpm samba-test-libs-4.10.16-18.el7_9.i686.rpm samba-test-libs-4.10.16-18.el7_9.x86_64.rpm samba-vfs-glusterfs-4.10.16-18.el7_9.x86_64.rpm samba-winbind-krb5-locator-4.10.16-18.el7_9.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: samba-4.10.16-18.el7_9.src.rpm
noarch: samba-common-4.10.16-18.el7_9.noarch.rpm
x86_64: libsmbclient-4.10.16-18.el7_9.i686.rpm libsmbclient-4.10.16-18.el7_9.x86_64.rpm libwbclient-4.10.16-18.el7_9.i686.rpm libwbclient-4.10.16-18.el7_9.x86_64.rpm samba-4.10.16-18.el7_9.x86_64.rpm samba-client-4.10.16-18.el7_9.x86_64.rpm samba-client-libs-4.10.16-18.el7_9.i686.rpm samba-client-libs-4.10.16-18.el7_9.x86_64.rpm samba-common-libs-4.10.16-18.el7_9.i686.rpm samba-common-libs-4.10.16-18.el7_9.x86_64.rpm samba-common-tools-4.10.16-18.el7_9.x86_64.rpm samba-debuginfo-4.10.16-18.el7_9.i686.rpm samba-debuginfo-4.10.16-18.el7_9.x86_64.rpm samba-krb5-printing-4.10.16-18.el7_9.x86_64.rpm samba-libs-4.10.16-18.el7_9.i686.rpm samba-libs-4.10.16-18.el7_9.x86_64.rpm samba-python-4.10.16-18.el7_9.i686.rpm samba-python-4.10.16-18.el7_9.x86_64.rpm samba-winbind-4.10.16-18.el7_9.x86_64.rpm samba-winbind-clients-4.10.16-18.el7_9.x86_64.rpm samba-winbind-modules-4.10.16-18.el7_9.i686.rpm samba-winbind-modules-4.10.16-18.el7_9.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
noarch: samba-pidl-4.10.16-18.el7_9.noarch.rpm
x86_64: libsmbclient-devel-4.10.16-18.el7_9.i686.rpm libsmbclient-devel-4.10.16-18.el7_9.x86_64.rpm libwbclient-devel-4.10.16-18.el7_9.i686.rpm libwbclient-devel-4.10.16-18.el7_9.x86_64.rpm samba-dc-4.10.16-18.el7_9.x86_64.rpm samba-dc-libs-4.10.16-18.el7_9.x86_64.rpm samba-debuginfo-4.10.16-18.el7_9.i686.rpm samba-debuginfo-4.10.16-18.el7_9.x86_64.rpm samba-devel-4.10.16-18.el7_9.i686.rpm samba-devel-4.10.16-18.el7_9.x86_64.rpm samba-python-test-4.10.16-18.el7_9.x86_64.rpm samba-test-4.10.16-18.el7_9.x86_64.rpm samba-test-libs-4.10.16-18.el7_9.i686.rpm samba-test-libs-4.10.16-18.el7_9.x86_64.rpm samba-vfs-glusterfs-4.10.16-18.el7_9.x86_64.rpm samba-winbind-krb5-locator-4.10.16-18.el7_9.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2021-44142 https://access.redhat.com/security/updates/classification/#critical
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYfg3utzjgjWX9erEAQiW5A/9FfMdoVM57m1MQWjHSyxSKaaQzRG4nASl XluNgbIP6XShKejIacSixa+57y/+xm7ZtQwJvURtwj3JKut6gCnyMqohQ72Pn4YU Wxq0DjNBf33FT0hN7GprY4a2/wOwsC+m1jVhvawZ11IQnRUbDi1pIJFellXUpPVW SUE2sPTqWbePWxPaQmWxXrcrw0f5XLqqHiCV+ME6nF6TVd/LFMvF1b118XEzNmma 7iBvSiORi+3NJTp+vYGgy6tA7ikpeFvLAPpkzUB/XTbF9TMWcKil1L9ceYadt9cR XiNY3Y/n6GdKZt04nwtbpXlS4kq/y5vIVycRT3ZKBAciVbTdJ9a9pTsocdyvrIQq /feWDP1ATyO4NUUUbAbZXgB9RohhFVOs4eCmLTy5XLBWnw2d744/hXwcpyY9F/Rq gPxzyXXAFthavOgezzVEK3T8un3R75UlJZh4R4D5iDzXdQRIK9cT5HrUs3Xz5aTD GyETh0QfGPJlCRTs3saG0+oB197Rtk872NrSeLsiT5XuKUzADuJow759pmIaeZbg EgoDOiKfSp15EvEcbLyx+LYDOPgB2QAZhvKbN52qfxTPzMczmPAE0vStTa5EJlYD G3KQ/ZOObJA1m9/Q9vFv6yAhUAOu8N/n8Vg5nAdOrhCkI5+Pge0N6drabsQQXkzA iv62kDMkb+Q=NKmo -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . 8) - aarch64, noarch, ppc64le, s390x, x86_64
3
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202201-0295",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "samba",
"scope": null,
"trust": 2.1,
"vendor": "samba",
"version": null
},
{
"model": "enterprise linux for ibm z systems eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.2"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "34"
},
{
"model": "diskstation manager",
"scope": "gte",
"trust": 1.0,
"vendor": "synology",
"version": "6.2"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.2"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "21.10"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "35"
},
{
"model": "enterprise linux for power big endian",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "11.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "20.04"
},
{
"model": "enterprise linux for power little endian eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.2"
},
{
"model": "enterprise linux for power little endian",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "enterprise linux for ibm z systems eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.4"
},
{
"model": "enterprise linux for scientific computing",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.2"
},
{
"model": "enterprise linux resilient storage",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "diskstation manager",
"scope": "lt",
"trust": 1.0,
"vendor": "synology",
"version": "6.2.4-25556.4"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.4"
},
{
"model": "enterprise linux for power little endian",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.0"
},
{
"model": "codeready linux builder",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": null
},
{
"model": "samba",
"scope": "lt",
"trust": 1.0,
"vendor": "samba",
"version": "4.15.5"
},
{
"model": "samba",
"scope": "lt",
"trust": 1.0,
"vendor": "samba",
"version": "4.13.17"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.2"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.4"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.0"
},
{
"model": "gluster storage",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "3.5"
},
{
"model": "enterprise linux for power little endian eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.4"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "18.04"
},
{
"model": "samba",
"scope": "gte",
"trust": 1.0,
"vendor": "samba",
"version": "4.14.0"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.1"
},
{
"model": "enterprise linux for ibm z systems",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "samba",
"scope": "lt",
"trust": 1.0,
"vendor": "samba",
"version": "4.14.12"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.1"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "samba",
"scope": "gte",
"trust": 1.0,
"vendor": "samba",
"version": "4.15.0"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.4"
},
{
"model": "enterprise linux for ibm z systems",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.0"
},
{
"model": "virtualization host",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.4"
},
{
"model": "samba",
"scope": "lt",
"trust": 0.8,
"vendor": "samba",
"version": "4.13.17 earlier s"
},
{
"model": "samba",
"scope": "eq",
"trust": 0.8,
"vendor": "samba",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-246"
},
{
"db": "ZDI",
"id": "ZDI-22-245"
},
{
"db": "ZDI",
"id": "ZDI-22-244"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001296"
},
{
"db": "NVD",
"id": "CVE-2021-44142"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nguyen Hoang Thach (https://twitter.com/hi_im_d4rkn3ss) and Billy Jheng Bing-Jhong (https://twitter.com/st424204)",
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-246"
},
{
"db": "ZDI",
"id": "ZDI-22-245"
}
],
"trust": 1.4
},
"cve": "CVE-2021-44142",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CVE-2021-44142",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-406753",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-44142",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2021-44142",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.4,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 9.9,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2022-001296",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2021-44142",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "ZDI",
"id": "CVE-2021-44142",
"trust": 1.4,
"value": "CRITICAL"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2021-44142",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2021-44142",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2022-001296",
"trust": 0.8,
"value": "Critical"
},
{
"author": "ZDI",
"id": "CVE-2021-44142",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-406753",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-246"
},
{
"db": "ZDI",
"id": "ZDI-22-245"
},
{
"db": "ZDI",
"id": "ZDI-22-244"
},
{
"db": "VULHUB",
"id": "VHN-406753"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001296"
},
{
"db": "NVD",
"id": "CVE-2021-44142"
},
{
"db": "NVD",
"id": "CVE-2021-44142"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide \"...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver.\" Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root. Authentication is not required to exploit this vulnerability.The specific flaw exists within the handling of AppleDouble entries. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. \n\nFor details on migrating Samba/CTDB configuration files, refer to: \n\nhttps://access.redhat.com/solutions/4311261\n\n5. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202309-06\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Samba: Multiple Vulnerabilities\n Date: September 17, 2023\n Bugs: #820566, #821688, #830983, #832433, #861512, #866225, #869122, #878273, #880437, #886153, #903621, #905320, #910334\n ID: 202309-06\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been discovered in Samba, the worst of\nwhich could result in root remote code execution. \n\nBackground\n==========\n\nSamba is a suite of SMB and CIFS client/server programs. \n\nAffected packages\n=================\n\nPackage Vulnerable Unaffected\n------------ ------------ ------------\nnet-fs/samba \u003c 4.18.4 \u003e= 4.18.4\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Samba. Please review\nthe CVE identifiers referenced below for details. \n\nImpact\n======\n\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Samba users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-fs/samba-4.18.4\"\n\nReferences\n==========\n\n[ 1 ] CVE-2007-4559\n https://nvd.nist.gov/vuln/detail/CVE-2007-4559\n[ 2 ] CVE-2016-2124\n https://nvd.nist.gov/vuln/detail/CVE-2016-2124\n[ 3 ] CVE-2020-17049\n https://nvd.nist.gov/vuln/detail/CVE-2020-17049\n[ 4 ] CVE-2020-25717\n https://nvd.nist.gov/vuln/detail/CVE-2020-25717\n[ 5 ] CVE-2020-25718\n https://nvd.nist.gov/vuln/detail/CVE-2020-25718\n[ 6 ] CVE-2020-25719\n https://nvd.nist.gov/vuln/detail/CVE-2020-25719\n[ 7 ] CVE-2020-25721\n https://nvd.nist.gov/vuln/detail/CVE-2020-25721\n[ 8 ] CVE-2020-25722\n https://nvd.nist.gov/vuln/detail/CVE-2020-25722\n[ 9 ] CVE-2021-3670\n https://nvd.nist.gov/vuln/detail/CVE-2021-3670\n[ 10 ] CVE-2021-3738\n https://nvd.nist.gov/vuln/detail/CVE-2021-3738\n[ 11 ] CVE-2021-20251\n https://nvd.nist.gov/vuln/detail/CVE-2021-20251\n[ 12 ] CVE-2021-20316\n https://nvd.nist.gov/vuln/detail/CVE-2021-20316\n[ 13 ] CVE-2021-23192\n https://nvd.nist.gov/vuln/detail/CVE-2021-23192\n[ 14 ] CVE-2021-44141\n https://nvd.nist.gov/vuln/detail/CVE-2021-44141\n[ 15 ] CVE-2021-44142\n https://nvd.nist.gov/vuln/detail/CVE-2021-44142\n[ 16 ] CVE-2022-0336\n https://nvd.nist.gov/vuln/detail/CVE-2022-0336\n[ 17 ] CVE-2022-1615\n https://nvd.nist.gov/vuln/detail/CVE-2022-1615\n[ 18 ] CVE-2022-2031\n https://nvd.nist.gov/vuln/detail/CVE-2022-2031\n[ 19 ] CVE-2022-3437\n https://nvd.nist.gov/vuln/detail/CVE-2022-3437\n[ 20 ] CVE-2022-3592\n https://nvd.nist.gov/vuln/detail/CVE-2022-3592\n[ 21 ] CVE-2022-32742\n https://nvd.nist.gov/vuln/detail/CVE-2022-32742\n[ 22 ] CVE-2022-32743\n https://nvd.nist.gov/vuln/detail/CVE-2022-32743\n[ 23 ] CVE-2022-32744\n https://nvd.nist.gov/vuln/detail/CVE-2022-32744\n[ 24 ] CVE-2022-32745\n https://nvd.nist.gov/vuln/detail/CVE-2022-32745\n[ 25 ] CVE-2022-32746\n https://nvd.nist.gov/vuln/detail/CVE-2022-32746\n[ 26 ] CVE-2022-37966\n https://nvd.nist.gov/vuln/detail/CVE-2022-37966\n[ 27 ] CVE-2022-37967\n https://nvd.nist.gov/vuln/detail/CVE-2022-37967\n[ 28 ] CVE-2022-38023\n https://nvd.nist.gov/vuln/detail/CVE-2022-38023\n[ 29 ] CVE-2022-42898\n https://nvd.nist.gov/vuln/detail/CVE-2022-42898\n[ 30 ] CVE-2022-45141\n https://nvd.nist.gov/vuln/detail/CVE-2022-45141\n[ 31 ] CVE-2023-0225\n https://nvd.nist.gov/vuln/detail/CVE-2023-0225\n[ 32 ] CVE-2023-0614\n https://nvd.nist.gov/vuln/detail/CVE-2023-0614\n[ 33 ] CVE-2023-0922\n https://nvd.nist.gov/vuln/detail/CVE-2023-0922\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202309-06\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2023 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n. =========================================================================\nUbuntu Security Notice USN-5260-3\nFebruary 03, 2022\n\nsamba vulnerability\n=========================================================================\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 ESM\n- Ubuntu 14.04 ESM\n\nSummary:\n\nSamba could be made to crash when handled certain memory operations. \n\nSoftware Description:\n- samba: SMB/CIFS file, print, and login server for Unix\n\nDetails:\n\nUSN-5260-1 fixed a vulnerability in Samba. This update provides\nthe corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. \n\nOriginal advisory details:\n\n Orange Tsai discovered that the Samba vfs_fruit module incorrectly handled\n certain memory operations. (CVE-2021-44142)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 ESM:\n samba 2:4.3.11+dfsg-0ubuntu0.16.04.34+esm1\n\nUbuntu 14.04 ESM:\n samba 2:4.3.11+dfsg-0ubuntu0.14.04.20+esm12\n\nThis update uses a new upstream release, which includes additional bug\nfixes. In general, a standard system update will make all the necessary\nchanges. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Critical: samba security and bug fix update\nAdvisory ID: RHSA-2022:0328-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2022:0328\nIssue date: 2022-01-31\nCVE Names: CVE-2021-44142\n====================================================================\n1. Summary:\n\nAn update for samba is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Critical. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Resilient Storage (v. 7) - ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64\n\n3. Description:\n\nSamba is an open-source implementation of the Server Message Block (SMB)\nprotocol and the related Common Internet File System (CIFS) protocol, which\nallow PC-compatible machines to share files, printers, and various\ninformation. \n\nSecurity Fix(es):\n\n* samba: Out-of-bounds heap read/write vulnerability in VFS module\nvfs_fruit allows code execution (CVE-2021-44142)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nBug Fix(es):\n\n* Fix CVE-2020-25717 username map [script] advice (BZ#2034800)\n\n* Fix Kerberos authentication on standalone server with MIT realm\n(BZ#2036595)\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the smb service will be restarted\nautomatically. \n\n5. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nsamba-4.10.16-18.el7_9.src.rpm\n\nnoarch:\nsamba-common-4.10.16-18.el7_9.noarch.rpm\n\nx86_64:\nlibsmbclient-4.10.16-18.el7_9.i686.rpm\nlibsmbclient-4.10.16-18.el7_9.x86_64.rpm\nlibwbclient-4.10.16-18.el7_9.i686.rpm\nlibwbclient-4.10.16-18.el7_9.x86_64.rpm\nsamba-client-4.10.16-18.el7_9.x86_64.rpm\nsamba-client-libs-4.10.16-18.el7_9.i686.rpm\nsamba-client-libs-4.10.16-18.el7_9.x86_64.rpm\nsamba-common-libs-4.10.16-18.el7_9.i686.rpm\nsamba-common-libs-4.10.16-18.el7_9.x86_64.rpm\nsamba-common-tools-4.10.16-18.el7_9.x86_64.rpm\nsamba-debuginfo-4.10.16-18.el7_9.i686.rpm\nsamba-debuginfo-4.10.16-18.el7_9.x86_64.rpm\nsamba-krb5-printing-4.10.16-18.el7_9.x86_64.rpm\nsamba-libs-4.10.16-18.el7_9.i686.rpm\nsamba-libs-4.10.16-18.el7_9.x86_64.rpm\nsamba-winbind-4.10.16-18.el7_9.x86_64.rpm\nsamba-winbind-clients-4.10.16-18.el7_9.x86_64.rpm\nsamba-winbind-modules-4.10.16-18.el7_9.i686.rpm\nsamba-winbind-modules-4.10.16-18.el7_9.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nnoarch:\nsamba-pidl-4.10.16-18.el7_9.noarch.rpm\n\nx86_64:\nlibsmbclient-devel-4.10.16-18.el7_9.i686.rpm\nlibsmbclient-devel-4.10.16-18.el7_9.x86_64.rpm\nlibwbclient-devel-4.10.16-18.el7_9.i686.rpm\nlibwbclient-devel-4.10.16-18.el7_9.x86_64.rpm\nsamba-4.10.16-18.el7_9.x86_64.rpm\nsamba-dc-4.10.16-18.el7_9.x86_64.rpm\nsamba-dc-libs-4.10.16-18.el7_9.x86_64.rpm\nsamba-debuginfo-4.10.16-18.el7_9.i686.rpm\nsamba-debuginfo-4.10.16-18.el7_9.x86_64.rpm\nsamba-devel-4.10.16-18.el7_9.i686.rpm\nsamba-devel-4.10.16-18.el7_9.x86_64.rpm\nsamba-python-4.10.16-18.el7_9.i686.rpm\nsamba-python-4.10.16-18.el7_9.x86_64.rpm\nsamba-python-test-4.10.16-18.el7_9.x86_64.rpm\nsamba-test-4.10.16-18.el7_9.x86_64.rpm\nsamba-test-libs-4.10.16-18.el7_9.i686.rpm\nsamba-test-libs-4.10.16-18.el7_9.x86_64.rpm\nsamba-vfs-glusterfs-4.10.16-18.el7_9.x86_64.rpm\nsamba-winbind-krb5-locator-4.10.16-18.el7_9.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nsamba-4.10.16-18.el7_9.src.rpm\n\nnoarch:\nsamba-common-4.10.16-18.el7_9.noarch.rpm\n\nx86_64:\nlibsmbclient-4.10.16-18.el7_9.i686.rpm\nlibsmbclient-4.10.16-18.el7_9.x86_64.rpm\nlibwbclient-4.10.16-18.el7_9.i686.rpm\nlibwbclient-4.10.16-18.el7_9.x86_64.rpm\nsamba-client-4.10.16-18.el7_9.x86_64.rpm\nsamba-client-libs-4.10.16-18.el7_9.i686.rpm\nsamba-client-libs-4.10.16-18.el7_9.x86_64.rpm\nsamba-common-libs-4.10.16-18.el7_9.i686.rpm\nsamba-common-libs-4.10.16-18.el7_9.x86_64.rpm\nsamba-common-tools-4.10.16-18.el7_9.x86_64.rpm\nsamba-debuginfo-4.10.16-18.el7_9.i686.rpm\nsamba-debuginfo-4.10.16-18.el7_9.x86_64.rpm\nsamba-libs-4.10.16-18.el7_9.i686.rpm\nsamba-libs-4.10.16-18.el7_9.x86_64.rpm\nsamba-winbind-4.10.16-18.el7_9.x86_64.rpm\nsamba-winbind-clients-4.10.16-18.el7_9.x86_64.rpm\nsamba-winbind-modules-4.10.16-18.el7_9.i686.rpm\nsamba-winbind-modules-4.10.16-18.el7_9.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nnoarch:\nsamba-pidl-4.10.16-18.el7_9.noarch.rpm\n\nx86_64:\nlibsmbclient-devel-4.10.16-18.el7_9.i686.rpm\nlibsmbclient-devel-4.10.16-18.el7_9.x86_64.rpm\nlibwbclient-devel-4.10.16-18.el7_9.i686.rpm\nlibwbclient-devel-4.10.16-18.el7_9.x86_64.rpm\nsamba-4.10.16-18.el7_9.x86_64.rpm\nsamba-dc-4.10.16-18.el7_9.x86_64.rpm\nsamba-dc-libs-4.10.16-18.el7_9.x86_64.rpm\nsamba-debuginfo-4.10.16-18.el7_9.i686.rpm\nsamba-debuginfo-4.10.16-18.el7_9.x86_64.rpm\nsamba-devel-4.10.16-18.el7_9.i686.rpm\nsamba-devel-4.10.16-18.el7_9.x86_64.rpm\nsamba-krb5-printing-4.10.16-18.el7_9.x86_64.rpm\nsamba-python-4.10.16-18.el7_9.i686.rpm\nsamba-python-4.10.16-18.el7_9.x86_64.rpm\nsamba-python-test-4.10.16-18.el7_9.x86_64.rpm\nsamba-test-4.10.16-18.el7_9.x86_64.rpm\nsamba-test-libs-4.10.16-18.el7_9.i686.rpm\nsamba-test-libs-4.10.16-18.el7_9.x86_64.rpm\nsamba-vfs-glusterfs-4.10.16-18.el7_9.x86_64.rpm\nsamba-winbind-krb5-locator-4.10.16-18.el7_9.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nsamba-4.10.16-18.el7_9.src.rpm\n\nnoarch:\nsamba-common-4.10.16-18.el7_9.noarch.rpm\n\nppc64:\nlibsmbclient-4.10.16-18.el7_9.ppc.rpm\nlibsmbclient-4.10.16-18.el7_9.ppc64.rpm\nlibwbclient-4.10.16-18.el7_9.ppc.rpm\nlibwbclient-4.10.16-18.el7_9.ppc64.rpm\nsamba-4.10.16-18.el7_9.ppc64.rpm\nsamba-client-4.10.16-18.el7_9.ppc64.rpm\nsamba-client-libs-4.10.16-18.el7_9.ppc.rpm\nsamba-client-libs-4.10.16-18.el7_9.ppc64.rpm\nsamba-common-libs-4.10.16-18.el7_9.ppc.rpm\nsamba-common-libs-4.10.16-18.el7_9.ppc64.rpm\nsamba-common-tools-4.10.16-18.el7_9.ppc64.rpm\nsamba-debuginfo-4.10.16-18.el7_9.ppc.rpm\nsamba-debuginfo-4.10.16-18.el7_9.ppc64.rpm\nsamba-krb5-printing-4.10.16-18.el7_9.ppc64.rpm\nsamba-libs-4.10.16-18.el7_9.ppc.rpm\nsamba-libs-4.10.16-18.el7_9.ppc64.rpm\nsamba-winbind-4.10.16-18.el7_9.ppc64.rpm\nsamba-winbind-clients-4.10.16-18.el7_9.ppc64.rpm\nsamba-winbind-modules-4.10.16-18.el7_9.ppc.rpm\nsamba-winbind-modules-4.10.16-18.el7_9.ppc64.rpm\n\nppc64le:\nlibsmbclient-4.10.16-18.el7_9.ppc64le.rpm\nlibwbclient-4.10.16-18.el7_9.ppc64le.rpm\nsamba-4.10.16-18.el7_9.ppc64le.rpm\nsamba-client-4.10.16-18.el7_9.ppc64le.rpm\nsamba-client-libs-4.10.16-18.el7_9.ppc64le.rpm\nsamba-common-libs-4.10.16-18.el7_9.ppc64le.rpm\nsamba-common-tools-4.10.16-18.el7_9.ppc64le.rpm\nsamba-debuginfo-4.10.16-18.el7_9.ppc64le.rpm\nsamba-krb5-printing-4.10.16-18.el7_9.ppc64le.rpm\nsamba-libs-4.10.16-18.el7_9.ppc64le.rpm\nsamba-winbind-4.10.16-18.el7_9.ppc64le.rpm\nsamba-winbind-clients-4.10.16-18.el7_9.ppc64le.rpm\nsamba-winbind-modules-4.10.16-18.el7_9.ppc64le.rpm\n\ns390x:\nlibsmbclient-4.10.16-18.el7_9.s390.rpm\nlibsmbclient-4.10.16-18.el7_9.s390x.rpm\nlibwbclient-4.10.16-18.el7_9.s390.rpm\nlibwbclient-4.10.16-18.el7_9.s390x.rpm\nsamba-4.10.16-18.el7_9.s390x.rpm\nsamba-client-4.10.16-18.el7_9.s390x.rpm\nsamba-client-libs-4.10.16-18.el7_9.s390.rpm\nsamba-client-libs-4.10.16-18.el7_9.s390x.rpm\nsamba-common-libs-4.10.16-18.el7_9.s390.rpm\nsamba-common-libs-4.10.16-18.el7_9.s390x.rpm\nsamba-common-tools-4.10.16-18.el7_9.s390x.rpm\nsamba-debuginfo-4.10.16-18.el7_9.s390.rpm\nsamba-debuginfo-4.10.16-18.el7_9.s390x.rpm\nsamba-krb5-printing-4.10.16-18.el7_9.s390x.rpm\nsamba-libs-4.10.16-18.el7_9.s390.rpm\nsamba-libs-4.10.16-18.el7_9.s390x.rpm\nsamba-winbind-4.10.16-18.el7_9.s390x.rpm\nsamba-winbind-clients-4.10.16-18.el7_9.s390x.rpm\nsamba-winbind-modules-4.10.16-18.el7_9.s390.rpm\nsamba-winbind-modules-4.10.16-18.el7_9.s390x.rpm\n\nx86_64:\nlibsmbclient-4.10.16-18.el7_9.i686.rpm\nlibsmbclient-4.10.16-18.el7_9.x86_64.rpm\nlibwbclient-4.10.16-18.el7_9.i686.rpm\nlibwbclient-4.10.16-18.el7_9.x86_64.rpm\nsamba-4.10.16-18.el7_9.x86_64.rpm\nsamba-client-4.10.16-18.el7_9.x86_64.rpm\nsamba-client-libs-4.10.16-18.el7_9.i686.rpm\nsamba-client-libs-4.10.16-18.el7_9.x86_64.rpm\nsamba-common-libs-4.10.16-18.el7_9.i686.rpm\nsamba-common-libs-4.10.16-18.el7_9.x86_64.rpm\nsamba-common-tools-4.10.16-18.el7_9.x86_64.rpm\nsamba-debuginfo-4.10.16-18.el7_9.i686.rpm\nsamba-debuginfo-4.10.16-18.el7_9.x86_64.rpm\nsamba-krb5-printing-4.10.16-18.el7_9.x86_64.rpm\nsamba-libs-4.10.16-18.el7_9.i686.rpm\nsamba-libs-4.10.16-18.el7_9.x86_64.rpm\nsamba-python-4.10.16-18.el7_9.i686.rpm\nsamba-python-4.10.16-18.el7_9.x86_64.rpm\nsamba-winbind-4.10.16-18.el7_9.x86_64.rpm\nsamba-winbind-clients-4.10.16-18.el7_9.x86_64.rpm\nsamba-winbind-modules-4.10.16-18.el7_9.i686.rpm\nsamba-winbind-modules-4.10.16-18.el7_9.x86_64.rpm\n\nRed Hat Enterprise Linux Server Resilient Storage (v. 7):\n\nppc64le:\nctdb-4.10.16-18.el7_9.ppc64le.rpm\nctdb-tests-4.10.16-18.el7_9.ppc64le.rpm\nsamba-debuginfo-4.10.16-18.el7_9.ppc64le.rpm\n\ns390x:\nctdb-4.10.16-18.el7_9.s390x.rpm\nctdb-tests-4.10.16-18.el7_9.s390x.rpm\nsamba-debuginfo-4.10.16-18.el7_9.s390x.rpm\n\nx86_64:\nctdb-4.10.16-18.el7_9.x86_64.rpm\nctdb-tests-4.10.16-18.el7_9.x86_64.rpm\nsamba-debuginfo-4.10.16-18.el7_9.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nnoarch:\nsamba-pidl-4.10.16-18.el7_9.noarch.rpm\n\nppc64:\nlibsmbclient-devel-4.10.16-18.el7_9.ppc.rpm\nlibsmbclient-devel-4.10.16-18.el7_9.ppc64.rpm\nlibwbclient-devel-4.10.16-18.el7_9.ppc.rpm\nlibwbclient-devel-4.10.16-18.el7_9.ppc64.rpm\nsamba-dc-4.10.16-18.el7_9.ppc64.rpm\nsamba-dc-libs-4.10.16-18.el7_9.ppc64.rpm\nsamba-debuginfo-4.10.16-18.el7_9.ppc.rpm\nsamba-debuginfo-4.10.16-18.el7_9.ppc64.rpm\nsamba-devel-4.10.16-18.el7_9.ppc.rpm\nsamba-devel-4.10.16-18.el7_9.ppc64.rpm\nsamba-python-4.10.16-18.el7_9.ppc.rpm\nsamba-python-4.10.16-18.el7_9.ppc64.rpm\nsamba-python-test-4.10.16-18.el7_9.ppc64.rpm\nsamba-test-4.10.16-18.el7_9.ppc64.rpm\nsamba-test-libs-4.10.16-18.el7_9.ppc.rpm\nsamba-test-libs-4.10.16-18.el7_9.ppc64.rpm\nsamba-winbind-krb5-locator-4.10.16-18.el7_9.ppc64.rpm\n\nppc64le:\nlibsmbclient-devel-4.10.16-18.el7_9.ppc64le.rpm\nlibwbclient-devel-4.10.16-18.el7_9.ppc64le.rpm\nsamba-dc-4.10.16-18.el7_9.ppc64le.rpm\nsamba-dc-libs-4.10.16-18.el7_9.ppc64le.rpm\nsamba-debuginfo-4.10.16-18.el7_9.ppc64le.rpm\nsamba-devel-4.10.16-18.el7_9.ppc64le.rpm\nsamba-python-4.10.16-18.el7_9.ppc64le.rpm\nsamba-python-test-4.10.16-18.el7_9.ppc64le.rpm\nsamba-test-4.10.16-18.el7_9.ppc64le.rpm\nsamba-test-libs-4.10.16-18.el7_9.ppc64le.rpm\nsamba-winbind-krb5-locator-4.10.16-18.el7_9.ppc64le.rpm\n\ns390x:\nlibsmbclient-devel-4.10.16-18.el7_9.s390.rpm\nlibsmbclient-devel-4.10.16-18.el7_9.s390x.rpm\nlibwbclient-devel-4.10.16-18.el7_9.s390.rpm\nlibwbclient-devel-4.10.16-18.el7_9.s390x.rpm\nsamba-dc-4.10.16-18.el7_9.s390x.rpm\nsamba-dc-libs-4.10.16-18.el7_9.s390x.rpm\nsamba-debuginfo-4.10.16-18.el7_9.s390.rpm\nsamba-debuginfo-4.10.16-18.el7_9.s390x.rpm\nsamba-devel-4.10.16-18.el7_9.s390.rpm\nsamba-devel-4.10.16-18.el7_9.s390x.rpm\nsamba-python-4.10.16-18.el7_9.s390.rpm\nsamba-python-4.10.16-18.el7_9.s390x.rpm\nsamba-python-test-4.10.16-18.el7_9.s390x.rpm\nsamba-test-4.10.16-18.el7_9.s390x.rpm\nsamba-test-libs-4.10.16-18.el7_9.s390.rpm\nsamba-test-libs-4.10.16-18.el7_9.s390x.rpm\nsamba-winbind-krb5-locator-4.10.16-18.el7_9.s390x.rpm\n\nx86_64:\nlibsmbclient-devel-4.10.16-18.el7_9.i686.rpm\nlibsmbclient-devel-4.10.16-18.el7_9.x86_64.rpm\nlibwbclient-devel-4.10.16-18.el7_9.i686.rpm\nlibwbclient-devel-4.10.16-18.el7_9.x86_64.rpm\nsamba-dc-4.10.16-18.el7_9.x86_64.rpm\nsamba-dc-libs-4.10.16-18.el7_9.x86_64.rpm\nsamba-debuginfo-4.10.16-18.el7_9.i686.rpm\nsamba-debuginfo-4.10.16-18.el7_9.x86_64.rpm\nsamba-devel-4.10.16-18.el7_9.i686.rpm\nsamba-devel-4.10.16-18.el7_9.x86_64.rpm\nsamba-python-test-4.10.16-18.el7_9.x86_64.rpm\nsamba-test-4.10.16-18.el7_9.x86_64.rpm\nsamba-test-libs-4.10.16-18.el7_9.i686.rpm\nsamba-test-libs-4.10.16-18.el7_9.x86_64.rpm\nsamba-vfs-glusterfs-4.10.16-18.el7_9.x86_64.rpm\nsamba-winbind-krb5-locator-4.10.16-18.el7_9.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nsamba-4.10.16-18.el7_9.src.rpm\n\nnoarch:\nsamba-common-4.10.16-18.el7_9.noarch.rpm\n\nx86_64:\nlibsmbclient-4.10.16-18.el7_9.i686.rpm\nlibsmbclient-4.10.16-18.el7_9.x86_64.rpm\nlibwbclient-4.10.16-18.el7_9.i686.rpm\nlibwbclient-4.10.16-18.el7_9.x86_64.rpm\nsamba-4.10.16-18.el7_9.x86_64.rpm\nsamba-client-4.10.16-18.el7_9.x86_64.rpm\nsamba-client-libs-4.10.16-18.el7_9.i686.rpm\nsamba-client-libs-4.10.16-18.el7_9.x86_64.rpm\nsamba-common-libs-4.10.16-18.el7_9.i686.rpm\nsamba-common-libs-4.10.16-18.el7_9.x86_64.rpm\nsamba-common-tools-4.10.16-18.el7_9.x86_64.rpm\nsamba-debuginfo-4.10.16-18.el7_9.i686.rpm\nsamba-debuginfo-4.10.16-18.el7_9.x86_64.rpm\nsamba-krb5-printing-4.10.16-18.el7_9.x86_64.rpm\nsamba-libs-4.10.16-18.el7_9.i686.rpm\nsamba-libs-4.10.16-18.el7_9.x86_64.rpm\nsamba-python-4.10.16-18.el7_9.i686.rpm\nsamba-python-4.10.16-18.el7_9.x86_64.rpm\nsamba-winbind-4.10.16-18.el7_9.x86_64.rpm\nsamba-winbind-clients-4.10.16-18.el7_9.x86_64.rpm\nsamba-winbind-modules-4.10.16-18.el7_9.i686.rpm\nsamba-winbind-modules-4.10.16-18.el7_9.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nnoarch:\nsamba-pidl-4.10.16-18.el7_9.noarch.rpm\n\nx86_64:\nlibsmbclient-devel-4.10.16-18.el7_9.i686.rpm\nlibsmbclient-devel-4.10.16-18.el7_9.x86_64.rpm\nlibwbclient-devel-4.10.16-18.el7_9.i686.rpm\nlibwbclient-devel-4.10.16-18.el7_9.x86_64.rpm\nsamba-dc-4.10.16-18.el7_9.x86_64.rpm\nsamba-dc-libs-4.10.16-18.el7_9.x86_64.rpm\nsamba-debuginfo-4.10.16-18.el7_9.i686.rpm\nsamba-debuginfo-4.10.16-18.el7_9.x86_64.rpm\nsamba-devel-4.10.16-18.el7_9.i686.rpm\nsamba-devel-4.10.16-18.el7_9.x86_64.rpm\nsamba-python-test-4.10.16-18.el7_9.x86_64.rpm\nsamba-test-4.10.16-18.el7_9.x86_64.rpm\nsamba-test-libs-4.10.16-18.el7_9.i686.rpm\nsamba-test-libs-4.10.16-18.el7_9.x86_64.rpm\nsamba-vfs-glusterfs-4.10.16-18.el7_9.x86_64.rpm\nsamba-winbind-krb5-locator-4.10.16-18.el7_9.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2021-44142\nhttps://access.redhat.com/security/updates/classification/#critical\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2022 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYfg3utzjgjWX9erEAQiW5A/9FfMdoVM57m1MQWjHSyxSKaaQzRG4nASl\nXluNgbIP6XShKejIacSixa+57y/+xm7ZtQwJvURtwj3JKut6gCnyMqohQ72Pn4YU\nWxq0DjNBf33FT0hN7GprY4a2/wOwsC+m1jVhvawZ11IQnRUbDi1pIJFellXUpPVW\nSUE2sPTqWbePWxPaQmWxXrcrw0f5XLqqHiCV+ME6nF6TVd/LFMvF1b118XEzNmma\n7iBvSiORi+3NJTp+vYGgy6tA7ikpeFvLAPpkzUB/XTbF9TMWcKil1L9ceYadt9cR\nXiNY3Y/n6GdKZt04nwtbpXlS4kq/y5vIVycRT3ZKBAciVbTdJ9a9pTsocdyvrIQq\n/feWDP1ATyO4NUUUbAbZXgB9RohhFVOs4eCmLTy5XLBWnw2d744/hXwcpyY9F/Rq\ngPxzyXXAFthavOgezzVEK3T8un3R75UlJZh4R4D5iDzXdQRIK9cT5HrUs3Xz5aTD\nGyETh0QfGPJlCRTs3saG0+oB197Rtk872NrSeLsiT5XuKUzADuJow759pmIaeZbg\nEgoDOiKfSp15EvEcbLyx+LYDOPgB2QAZhvKbN52qfxTPzMczmPAE0vStTa5EJlYD\nG3KQ/ZOObJA1m9/Q9vFv6yAhUAOu8N/n8Vg5nAdOrhCkI5+Pge0N6drabsQQXkzA\niv62kDMkb+Q=NKmo\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. 8) - aarch64, noarch, ppc64le, s390x, x86_64\n\n3",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-44142"
},
{
"db": "CERT/CC",
"id": "VU#119678"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001296"
},
{
"db": "ZDI",
"id": "ZDI-22-246"
},
{
"db": "ZDI",
"id": "ZDI-22-245"
},
{
"db": "ZDI",
"id": "ZDI-22-244"
},
{
"db": "VULHUB",
"id": "VHN-406753"
},
{
"db": "PACKETSTORM",
"id": "165906"
},
{
"db": "PACKETSTORM",
"id": "174695"
},
{
"db": "PACKETSTORM",
"id": "166138"
},
{
"db": "PACKETSTORM",
"id": "165842"
},
{
"db": "PACKETSTORM",
"id": "165790"
},
{
"db": "PACKETSTORM",
"id": "165788"
}
],
"trust": 4.86
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-406753",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-406753"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-44142",
"trust": 5.6
},
{
"db": "CERT/CC",
"id": "VU#119678",
"trust": 2.7
},
{
"db": "JVN",
"id": "JVNVU92602689",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001296",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-15846",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-22-246",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-15833",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-22-245",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-16156",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-22-244",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "166138",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "165791",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "165906",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "165789",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "165788",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "165842",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "165790",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "166137",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "165793",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "165796",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "165797",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "165905",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "165801",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-406753",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "174695",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#119678"
},
{
"db": "ZDI",
"id": "ZDI-22-246"
},
{
"db": "ZDI",
"id": "ZDI-22-245"
},
{
"db": "ZDI",
"id": "ZDI-22-244"
},
{
"db": "VULHUB",
"id": "VHN-406753"
},
{
"db": "PACKETSTORM",
"id": "165906"
},
{
"db": "PACKETSTORM",
"id": "174695"
},
{
"db": "PACKETSTORM",
"id": "166138"
},
{
"db": "PACKETSTORM",
"id": "165842"
},
{
"db": "PACKETSTORM",
"id": "165791"
},
{
"db": "PACKETSTORM",
"id": "165790"
},
{
"db": "PACKETSTORM",
"id": "165789"
},
{
"db": "PACKETSTORM",
"id": "165788"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001296"
},
{
"db": "NVD",
"id": "CVE-2021-44142"
}
]
},
"id": "VAR-202201-0295",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-406753"
}
],
"trust": 0.01
},
"last_update_date": "2025-12-22T21:11:33.302000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Out-of-bounds\u00a0heap\u00a0read/write\u00a0vulnerability\u00a0in\u00a0VFS\u00a0module\u00a0vfs_fruit\u00a0allows\u00a0code\u00a0execution The\u00a0Samba-Bugzilla",
"trust": 2.9,
"url": "https://www.samba.org/samba/security/CVE-2021-44142.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-246"
},
{
"db": "ZDI",
"id": "ZDI-22-245"
},
{
"db": "ZDI",
"id": "ZDI-22-244"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001296"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.1
},
{
"problemtype": "CWE-787",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-406753"
},
{
"db": "NVD",
"id": "CVE-2021-44142"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "https://www.samba.org/samba/security/cve-2021-44142.html"
},
{
"trust": 1.9,
"url": "https://kb.cert.org/vuls/id/119678"
},
{
"trust": 1.1,
"url": "https://bugzilla.samba.org/show_bug.cgi?id=14914"
},
{
"trust": 1.1,
"url": "https://www.zerodayinitiative.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin"
},
{
"trust": 1.1,
"url": "https://security.gentoo.org/glsa/202309-06"
},
{
"trust": 1.0,
"url": "https://www.kb.cert.org/vuls/id/119678"
},
{
"trust": 0.8,
"url": "cve-2021-44142 "
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-44142"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92602689/"
},
{
"trust": 0.6,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2021-44142"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/solutions/4311261"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:0457"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-25719"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-37966"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-3592"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-25717"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1615"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-25722"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32742"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-25718"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-44141"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-42898"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3738"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32746"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3670"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32744"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-37967"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0336"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-20316"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32743"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-17049"
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-38023"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-0922"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-3437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-20251"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-0614"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-4559"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32745"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-25721"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2124"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-45141"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-2031"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-0225"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-23192"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:0663"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-5260-3"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-5260-1"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:0330"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:0328"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:0329"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:0332"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#119678"
},
{
"db": "ZDI",
"id": "ZDI-22-246"
},
{
"db": "ZDI",
"id": "ZDI-22-245"
},
{
"db": "ZDI",
"id": "ZDI-22-244"
},
{
"db": "VULHUB",
"id": "VHN-406753"
},
{
"db": "PACKETSTORM",
"id": "165906"
},
{
"db": "PACKETSTORM",
"id": "174695"
},
{
"db": "PACKETSTORM",
"id": "166138"
},
{
"db": "PACKETSTORM",
"id": "165842"
},
{
"db": "PACKETSTORM",
"id": "165791"
},
{
"db": "PACKETSTORM",
"id": "165790"
},
{
"db": "PACKETSTORM",
"id": "165789"
},
{
"db": "PACKETSTORM",
"id": "165788"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001296"
},
{
"db": "NVD",
"id": "CVE-2021-44142"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#119678"
},
{
"db": "ZDI",
"id": "ZDI-22-246"
},
{
"db": "ZDI",
"id": "ZDI-22-245"
},
{
"db": "ZDI",
"id": "ZDI-22-244"
},
{
"db": "VULHUB",
"id": "VHN-406753"
},
{
"db": "PACKETSTORM",
"id": "165906"
},
{
"db": "PACKETSTORM",
"id": "174695"
},
{
"db": "PACKETSTORM",
"id": "166138"
},
{
"db": "PACKETSTORM",
"id": "165842"
},
{
"db": "PACKETSTORM",
"id": "165791"
},
{
"db": "PACKETSTORM",
"id": "165790"
},
{
"db": "PACKETSTORM",
"id": "165789"
},
{
"db": "PACKETSTORM",
"id": "165788"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001296"
},
{
"db": "NVD",
"id": "CVE-2021-44142"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-01-31T00:00:00",
"db": "CERT/CC",
"id": "VU#119678"
},
{
"date": "2022-02-01T00:00:00",
"db": "ZDI",
"id": "ZDI-22-246"
},
{
"date": "2022-02-01T00:00:00",
"db": "ZDI",
"id": "ZDI-22-245"
},
{
"date": "2022-02-01T00:00:00",
"db": "ZDI",
"id": "ZDI-22-244"
},
{
"date": "2022-02-21T00:00:00",
"db": "VULHUB",
"id": "VHN-406753"
},
{
"date": "2022-02-09T16:03:43",
"db": "PACKETSTORM",
"id": "165906"
},
{
"date": "2023-09-18T13:42:53",
"db": "PACKETSTORM",
"id": "174695"
},
{
"date": "2022-02-24T16:11:06",
"db": "PACKETSTORM",
"id": "166138"
},
{
"date": "2022-02-03T16:31:23",
"db": "PACKETSTORM",
"id": "165842"
},
{
"date": "2022-02-01T17:02:44",
"db": "PACKETSTORM",
"id": "165791"
},
{
"date": "2022-02-01T17:02:33",
"db": "PACKETSTORM",
"id": "165790"
},
{
"date": "2022-02-01T17:00:19",
"db": "PACKETSTORM",
"id": "165789"
},
{
"date": "2022-02-01T17:00:01",
"db": "PACKETSTORM",
"id": "165788"
},
{
"date": "2022-02-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-001296"
},
{
"date": "2022-02-21T15:15:07.380000",
"db": "NVD",
"id": "CVE-2021-44142"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-06-27T00:00:00",
"db": "CERT/CC",
"id": "VU#119678"
},
{
"date": "2022-02-01T00:00:00",
"db": "ZDI",
"id": "ZDI-22-246"
},
{
"date": "2022-02-01T00:00:00",
"db": "ZDI",
"id": "ZDI-22-245"
},
{
"date": "2022-02-01T00:00:00",
"db": "ZDI",
"id": "ZDI-22-244"
},
{
"date": "2022-02-23T00:00:00",
"db": "VULHUB",
"id": "VHN-406753"
},
{
"date": "2022-02-02T02:33:00",
"db": "JVNDB",
"id": "JVNDB-2022-001296"
},
{
"date": "2025-04-23T19:15:51.880000",
"db": "NVD",
"id": "CVE-2021-44142"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "174695"
},
{
"db": "PACKETSTORM",
"id": "165842"
}
],
"trust": 0.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samba vfs_fruit module insecurely handles extended file attributes",
"sources": [
{
"db": "CERT/CC",
"id": "VU#119678"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code execution",
"sources": [
{
"db": "PACKETSTORM",
"id": "165906"
},
{
"db": "PACKETSTORM",
"id": "166138"
},
{
"db": "PACKETSTORM",
"id": "165791"
},
{
"db": "PACKETSTORM",
"id": "165790"
},
{
"db": "PACKETSTORM",
"id": "165789"
},
{
"db": "PACKETSTORM",
"id": "165788"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.