Samba Releases Security Update

Scheduled update for Samba addresses vulnerability CVE-2021-43566.

Threat ID:: CC-4011
Threat Severity:: Information only
Published:: 12 January 2022 12:29 PM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Scheduled update for Samba addresses vulnerability CVE-2021-43566.

Affected platforms

The following platforms are known to be affected:

Versions: All prior to 4.13.16

Samba

Threat details

Introduction

Samba has released a security update to address a vulnerability in Samba. All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS symlink race to allow a directory to be created in an area of the server file system not exported under the share definition. At the time of publishing, no exploitation has been seen in the wild. An attacker could exploit this vulnerability to take control of an affected system.

Remediation advice

Affected organisations are encouraged to review the following Samba Security Announcement and apply the necessary update or workaround.

Definitive source of threat updates

https://www.samba.org/samba/security/CVE-2021-43566.html

CVE Vulnerabilities

Status Published

CVE-2021-43566

All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack to succeed.

Last edited: 12 January 2022 12:40 pm