Remote attackers can execute code as root using a Samba bug.


The Samba team has addressed a critical severity vulnerability that can allow remote code execution with root privileges on servers running vulnerable software.

Samba is a re-implementation of the SMB networking protocol that lets Linux, Windows, and macOS users share files and print over a network.

Tracked as CVE-2021-44142 and reported by Orange Tsai of DEVCORE, the vulnerability is an out-of-bounds heap read/write in the vfs_fruit VFS module, present when smbd parses extended attribute (EA) metadata.

Samba explained the vulnerability in a security advisory published today: “The issue with vfs_fruit is in the default configuration of the fruit VFS module using fruit:metadata=netatalk or fruit:resource=file. If both options are set to different values than the defaults, the system is not affected.”
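The condition in the advisory quote can be checked against a configuration file. The following is an added example, not code from Samba or from the advisory: it parses smb.conf text and lists every section that loads the fruit module while fruit:metadata or fruit:resource is still at the quoted default. The function names and the sample configuration are constructed for illustration, and the sketch assumes the whole configuration is in one file (it does not follow `include` directives).

```python
DEFAULTS = {"fruit:metadata": "netatalk", "fruit:resource": "file"}  # quoted defaults


def parse_smb_conf(text):
    """Return {section: {param: value}}; names lower-cased, spaces in names dropped."""
    sections, current, pending = {}, None, ""
    for raw in text.splitlines():
        line, pending = pending + raw.strip(), ""
        if line.endswith("\\"):            # trailing backslash continues the line
            pending = line[:-1]
            continue
        if not line or line[0] in "#;":    # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            current = sections.setdefault(line[1:-1].strip().lower(), {})
        elif "=" in line and current is not None:
            name, value = line.split("=", 1)
            current["".join(name.lower().split())] = value.strip().lower()
    return sections


def exposed_sections(text):
    """Map each section that loads fruit to its options still at the default."""
    sections = parse_smb_conf(text)
    findings, glob = {}, sections.get("global", {})
    for name, params in sections.items():
        eff = {**glob, **params}           # share settings override [global]
        mods = eff.get("vfsobjects", "").replace(",", " ").split()
        at_default = [k for k, d in DEFAULTS.items() if eff.get(k, d) == d]
        if "fruit" in mods and at_default:  # unaffected only if both are changed
            findings[name] = at_default
    return findings


# Constructed sample configuration, not taken from a real server.
SAMPLE = """
[global]
    vfs objects = catia fruit streams_xattr
[timemachine]
[media]
    fruit:metadata = stream
    fruit:resource = xattr
[legacy]
    vfs objects = acl_xattr
[mixed]
    fruit:metadata = stream
"""

if __name__ == "__main__":
    print(exposed_sections(SAMPLE))
```

In the sample, `[media]` changes both options and `[legacy]` replaces the module list without fruit, so neither is reported; `[mixed]` changes only one option and is still flagged.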

The vfs_fruit module provides enhanced compatibility with Apple SMB clients and Netatalk 3 AFP fileservers.

Red Hat, SUSE Linux, and Ubuntu are among the platforms impacted by this vulnerability, according to the CERT Coordination Center (CERT/CC).

Samba administrators are advised to upgrade to these releases or apply the patch as soon as possible to mitigate the defect and thwart any potential attacks exploiting the vulnerability.