8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
9 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
0.136 Low
EPSS
Percentile
95.5%
The Samba vfs_fruit module allows out-of-bounds heap read and write via extended file attributes (CVE-2021-44142). This vulnerability allows a remote attacker to execute arbitrary code with root privileges.
The Samba vfs_fruit
module uses extended file attributes (EA, xattr) to provide “…enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver.” Samba with vfs_fruit
configured allows out-of-bounds heap read and write via specially crafted extended file attributes.
For more information, see the Samba announcement for CVE-2021-44142 and bug 14914. Also available for reference is a detailed blog post from ZDI.
A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd
, typically root.
From the Samba annoucement for CVE-2021-44142:
> Access as a user that has write access to a file’s extended attributes is required to exploit this vulnerability. Note that this could be a guest or unauthenticated user if such users are allowed write access to file extended attributes.
Samba has released versions 4.13.17, 4.14.12, and 4.15.5.
As a workaround, remove ‘fruit’ from ‘vfs objects’ lines in Samba configuration files (e.g., smb.conf
).
Thanks to Orange Tsai of DEVCORE for researching and reporting this vulnerability. Thanks also to Samba, ZDI, and Western Digital for coordination efforts.
This document was written by James Stanley and Art Manion.
119678
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Notified: 2022-01-24 Updated: 2022-03-25
Statement Date: March 25, 2022
CVE-2021-44142 | Affected |
---|
Fixed in OpenWrt master and 22.03 by upgrade to 4.14.12: https://github.com/openwrt/packages/commit/1fa70d6a3c68bc49bdeae4d505f2e41ff3a0b906
Prepared fix for OpenWrt 21.02 by upgrade to 4.14.12: https://github.com/openwrt/packages/pull/18145
Will not fix this for OpenWrt 19.07, it still uses Samba 4.11.17
Notified: 2022-01-24 Updated: 2022-01-31
Statement Date: January 31, 2022
CVE-2021-44142 | Affected |
---|
Red Hat has released updated addressing this vulnerability. These can be found on our CVE page.
Notified: 2021-11-23 Updated: 2022-01-31
Statement Date: January 31, 2022
CVE-2021-44142 | Affected |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31
Statement Date: January 24, 2022
CVE-2021-44142 | Affected |
---|
SUSE is affected by this vulnerability and has released or will release updates.
Notified: 2022-01-24 Updated: 2022-02-03
Statement Date: February 03, 2022
CVE-2021-44142 | Affected |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31
Statement Date: January 25, 2022
CVE-2021-44142 | Affected |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31
Statement Date: January 24, 2022
CVE-2021-44142 | Not Affected |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-02-09
Statement Date: February 09, 2022
CVE-2021-44142 | Not Affected |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31
Statement Date: January 24, 2022
CVE-2021-44142 | Not Affected |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-02-10
Statement Date: February 10, 2022
CVE-2021-44142 | Not Affected |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31
Statement Date: January 25, 2022
CVE-2021-44142 | Not Affected |
---|
vfs_fruit module is not in use.
Notified: 2022-01-24 Updated: 2022-01-31
Statement Date: January 24, 2022
CVE-2021-44142 | Not Affected |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31
Statement Date: January 28, 2022
CVE-2021-44142 | Not Affected |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-06-27
Statement Date: June 27, 2022
CVE-2021-44142 | Not Affected |
---|
After further due diligence, Digi International has determined that we are not affected by this vulnerability due to Samba not being used in our products or services.
Notified: 2022-01-24 Updated: 2022-01-31
Statement Date: January 24, 2022
CVE-2021-44142 | Not Affected |
---|
No Samba code in our products
Notified: 2022-01-24 Updated: 2022-01-31
Statement Date: January 24, 2022
CVE-2021-44142 | Not Affected |
---|
Espressif does not include Samba in the products or SDKs.
Notified: 2022-01-24 Updated: 2022-02-04
Statement Date: February 04, 2022
CVE-2021-44142 | Not Affected |
---|
Some F5 products contain the affected code. However, F5 identifies the vulnerability status as Not vulnerable because the attacker cannot exploit the code in default, standard, or recommended configurations.
Notified: 2022-01-24 Updated: 2022-02-01
Statement Date: February 01, 2022
CVE-2021-44142 | Not Affected |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31
Statement Date: January 24, 2022
CVE-2021-44142 | Not Affected |
---|
HardenedBSD does not ship with Samba in the base operating system.
Notified: 2022-01-24 Updated: 2022-01-31
Statement Date: January 24, 2022
CVE-2021-44142 | Not Affected |
---|
Samba is not part of illumos proper, but is something distributions add in their own releases.
Notified: 2022-01-24 Updated: 2022-01-31
Statement Date: January 25, 2022
CVE-2021-44142 | Not Affected |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31
Statement Date: January 24, 2022
CVE-2021-44142 | Not Affected |
---|
Triton, our cloud management system, is not affected at all.
SmartOS offers SAMBA via pkgsrc, but it is not part of a base SmartOS system. pkgsrc will update SAMBA when SAMBA updates for this case.
Notified: 2022-01-24 Updated: 2022-03-01
Statement Date: March 01, 2022
CVE-2021-44142 | Not Affected |
---|
Based on our investigation we confirm that there are no platforms/products which are affected from this vulnerability.
Security Incident Response Team Juniper Networks
Notified: 2022-01-24 Updated: 2022-02-23
Statement Date: February 23, 2022
CVE-2021-44142 | Not Affected |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31
Statement Date: January 24, 2022
CVE-2021-44142 | Not Affected |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-02-03
Statement Date: February 03, 2022
CVE-2021-44142 | Not Affected |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31
Statement Date: January 24, 2022
CVE-2021-44142 | Not Affected |
---|
MikroTik does not use “vfs_fruit module” and therefore is not affected by this CVE.
Notified: 2022-01-24 Updated: 2022-01-31
Statement Date: January 24, 2022
CVE-2021-44142 | Not Affected |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31
Statement Date: January 25, 2022
CVE-2021-44142 | Not Affected |
---|
Muonics does not use Samba in any of its products and thus this vulnerability is not applicable.
Notified: 2022-01-24 Updated: 2022-01-31
Statement Date: January 26, 2022
CVE-2021-44142 | Not Affected |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-02-14
Statement Date: February 12, 2022
CVE-2021-44142 | Not Affected |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31
Statement Date: January 24, 2022
CVE-2021-44142 | Not Affected |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31
Statement Date: January 24, 2022
CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-26 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31
Statement Date: January 24, 2022
CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2021-11-23 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
Updated: 2022-01-31 CVE-2021-44142 | Unknown |
---|
We have not received a statement from the vendor.
View all 245 vendors __View less vendors __
CVE IDs: | CVE-2021-44142 |
---|---|
Date Public: | 2022-01-31 Date First Published: |
bugzilla.samba.org/show_bug.cgi?id=14914
www.samba.org/samba/docs/current/man-html/vfs_fruit.8.html
www.samba.org/samba/history/security.html
www.samba.org/samba/security/CVE-2021-44142.html
www.zerodayinitiative.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
9 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
0.136 Low
EPSS
Percentile
95.5%