A Virtual File System of Samba was found to be vulnerable to Remote Code Execution. Versions before 4.13.17 were vulnerable to this vulnerability. Samba is a software used in SMB (Server Message Block) networking protocol used for file sharing, printer sharing, and other network process communications from remote servers.
This Particular vulnerability existed within the parsing of EA metadata when opening files in smbd. smbd is the server daemon responsible for providing file sharing and printing services for windows clients. Attackers need a user with write access with extended attributes to exploit this vulnerability.
These users could be a guest or a user with unauthenticated access who are allowed to associate files with metadata that are not interpreted by the system.
Also read,
If the vfs_fruit exists with default configuration using fruit:metadata=netatalk or fruit:resource=file, this vulnerability can be exploited. If not, there is no security issue.
Patches
Samba has released patches to fix this vulnerability. In addition to that, Samba 4.13.7, 4.14.12, 4.15.5 are released to correct the defect. Samba has advised administrators to apply these patches.
Workaround
Other ways include removing the “fruit” module from the list of configured Virtual File System objects in the smb.conf. Added note states that changing the settings causes inaccessible stored information.
Source: https://cybersecuritynews.com/critical-samba-vulnerability/
