Samba vfs_fruit module insecurely handles extended file attributes

CERT/CC VU#119678
Published: Jan 31, 2022
Source: www.kb.cert.org

CVSS3: 8.8 High
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS2: 9 High
Access Vector: NETWORK
Access Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

EPSS: 0.136 Low
Percentile: 95.5%

Overview

The Samba vfs_fruit module allows out-of-bounds heap read and write via extended file attributes (CVE-2021-44142). This vulnerability allows a remote attacker to execute arbitrary code with root privileges.

Description

The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide “…enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver.” Samba with vfs_fruit configured allows out-of-bounds heap read and write via specially crafted extended file attributes.

For more information, see the Samba announcement for CVE-2021-44142 and bug 14914. Also available for reference is a detailed blog post from ZDI.

Impact

A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root.

From the Samba announcement for CVE-2021-44142:

> Access as a user that has write access to a file’s extended attributes is required to exploit this vulnerability. Note that this could be a guest or unauthenticated user if such users are allowed write access to file extended attributes.

Solution

Apply an update

Samba has released versions 4.13.17, 4.14.12, and 4.15.5.

Disable vfs_fruit

As a workaround, remove ‘fruit’ from ‘vfs objects’ lines in Samba configuration files (e.g., smb.conf).
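
The two checks above (fixed release, and whether 'fruit' is still listed in 'vfs objects') can be audited with a short script. This is an added example, not code from CERT/CC or Samba; the function names and the sample smb.conf are constructed for illustration, and it assumes that branches older than 4.13 have no fixed release and that branches newer than 4.15 already contain the fix.

```python
import re

# Fixed releases named in the advisory, keyed by (major, minor) branch.
FIXED = {(4, 13): (4, 13, 17), (4, 14): (4, 14, 12), (4, 15): (4, 15, 5)}


def version_has_fix(version):
    """Return True if an upstream Samba version string includes the fix.

    Assumptions: branches older than 4.13 never received a fixed release
    (none is listed in the advisory) and branches newer than 4.15 contain it.
    Distribution packages may backport the patch without changing the upstream
    version, so False means "check the vendor advisory", not "proven vulnerable".
    """
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", version)
    if not m:
        raise ValueError("no x.y.z version found in %r" % version)
    v = tuple(int(x) for x in m.groups())
    branch = v[:2]
    if branch in FIXED:
        return v >= FIXED[branch]
    return branch > (4, 15)


def _logical_lines(text):
    """Yield stripped smb.conf lines with backslash continuations joined."""
    pending = ""
    for raw in text.splitlines():
        line = pending + raw.strip()
        if line.endswith("\\"):
            pending = line[:-1]
            continue
        pending = ""
        yield line
    if pending:
        yield pending


def vfs_objects_by_section(text):
    """Map each section to its own 'vfs objects' list (None if it sets none)."""
    result = {}
    section = None
    for line in _logical_lines(text):
        if not line or line[0] in "#;":          # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            result.setdefault(section, None)
            continue
        if section is None or "=" not in line:
            continue
        name, value = line.split("=", 1)
        # Samba ignores case and whitespace in parameter names;
        # 'vfs object' is a synonym for 'vfs objects'.
        key = re.sub(r"\s+", "", name).lower()
        if key in ("vfsobjects", "vfsobject"):
            result[section] = [t.lower() for t in re.split(r"[\s,]+", value.strip()) if t]
    return result


def sections_loading_fruit(text):
    """Return sections whose effective 'vfs objects' list contains 'fruit'.

    A share without its own 'vfs objects' line inherits the [global] list;
    a share that sets the parameter replaces the [global] list entirely.
    Only the exact module name 'fruit' is matched, and 'include' directives
    are not followed.
    """
    per_section = vfs_objects_by_section(text)
    global_list = per_section.get("global") or []
    flagged = []
    for section, own in per_section.items():
        effective = own if own is not None else global_list
        if "fruit" in effective:
            flagged.append(section)
    return flagged


# Constructed sample configuration (not taken from any real system).
SAMPLE_SMB_CONF = """\
[global]
   workgroup = EXAMPLE
   vfs objects = catia fruit streams_xattr

# Inherits the [global] module list.
[timemachine]
   path = /srv/tm

; Overrides the [global] list, so fruit is not loaded here.
[public]
   path = /srv/public
   VFS Objects = recycle

[media]
   path = /srv/media
   vfs objects = catia, \\
       fruit, streams_xattr
"""

if __name__ == "__main__":
    print("sections loading fruit:", sections_loading_fruit(SAMPLE_SMB_CONF))
    for v in ("4.11.17", "4.13.16", "4.14.12", "4.15.5"):
        print(v, "has fix:", version_has_fix(v))
```

Every section the script reports needs 'fruit' removed from its effective list, which for shares that inherit the setting means editing [global].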

Acknowledgements

Thanks to Orange Tsai of DEVCORE for researching and reporting this vulnerability. Thanks also to Samba, ZDI, and Western Digital for coordination efforts.

This document was written by James Stanley and Art Manion.

Vendor Information

OpenWRT Affected

Notified: 2022-01-24 Updated: 2022-03-25

Statement Date: March 25, 2022

CVE-2021-44142 Affected

Vendor Statement

Fixed in OpenWrt master and 22.03 by upgrade to 4.14.12: https://github.com/openwrt/packages/commit/1fa70d6a3c68bc49bdeae4d505f2e41ff3a0b906

Prepared fix for OpenWrt 21.02 by upgrade to 4.14.12: https://github.com/openwrt/packages/pull/18145

Will not fix this for OpenWrt 19.07, it still uses Samba 4.11.17

Red Hat Affected

Notified: 2022-01-24 Updated: 2022-01-31

Statement Date: January 31, 2022

CVE-2021-44142 Affected

Vendor Statement

Red Hat has released updates addressing this vulnerability. These can be found on our CVE page.

Samba Affected

Notified: 2021-11-23 Updated: 2022-01-31

Statement Date: January 31, 2022

CVE-2021-44142 Affected

Vendor Statement

We have not received a statement from the vendor.

SUSE Linux Affected

Notified: 2022-01-24 Updated: 2022-01-31

Statement Date: January 24, 2022

CVE-2021-44142 Affected

Vendor Statement

SUSE is affected by this vulnerability and has released or will release updates.

Synology Affected

Notified: 2022-01-24 Updated: 2022-02-03

Statement Date: February 03, 2022

CVE-2021-44142 Affected

Vendor Statement

We have not received a statement from the vendor.

Ubuntu Affected

Notified: 2022-01-24 Updated: 2022-01-31

Statement Date: January 25, 2022

CVE-2021-44142 Affected

Vendor Statement

We have not received a statement from the vendor.

Advantech Czech Not Affected

Notified: 2022-01-24 Updated: 2022-01-31

Statement Date: January 24, 2022

CVE-2021-44142 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Android Open Source Project Not Affected

Notified: 2022-01-24 Updated: 2022-02-09

Statement Date: February 09, 2022

CVE-2021-44142 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Aruba Networks Not Affected

Notified: 2022-01-24 Updated: 2022-01-31

Statement Date: January 24, 2022

CVE-2021-44142 Not Affected

Vendor Statement

We have not received a statement from the vendor.

AVM GmbH Not Affected

Notified: 2022-01-24 Updated: 2022-02-10

Statement Date: February 10, 2022

CVE-2021-44142 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Check Point Not Affected

Notified: 2022-01-24 Updated: 2022-01-31

Statement Date: January 25, 2022

CVE-2021-44142 Not Affected

Vendor Statement

vfs_fruit module is not in use.

Dell SecureWorks Not Affected

Notified: 2022-01-24 Updated: 2022-01-31

Statement Date: January 24, 2022

CVE-2021-44142 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Devicescape Not Affected

Notified: 2022-01-24 Updated: 2022-01-31

Statement Date: January 28, 2022

CVE-2021-44142 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Digi International Not Affected

Notified: 2022-01-24 Updated: 2022-06-27

Statement Date: June 27, 2022

CVE-2021-44142 Not Affected

Vendor Statement

After further due diligence, Digi International has determined that we are not affected by this vulnerability due to Samba not being used in our products or services.

eCosCentric Not Affected

Notified: 2022-01-24 Updated: 2022-01-31

Statement Date: January 24, 2022

CVE-2021-44142 Not Affected

Vendor Statement

No Samba code in our products

Espressif Systems Not Affected

Notified: 2022-01-24 Updated: 2022-01-31

Statement Date: January 24, 2022

CVE-2021-44142 Not Affected

Vendor Statement

Espressif does not include Samba in the products or SDKs.

F5 Networks Not Affected

Notified: 2022-01-24 Updated: 2022-02-04

Statement Date: February 04, 2022

CVE-2021-44142 Not Affected

Vendor Statement

Some F5 products contain the affected code. However, F5 identifies the vulnerability status as Not vulnerable because the attacker cannot exploit the code in default, standard, or recommended configurations.

Fastly Not Affected

Notified: 2022-01-24 Updated: 2022-02-01

Statement Date: February 01, 2022

CVE-2021-44142 Not Affected

Vendor Statement

We have not received a statement from the vendor.

HardenedBSD Not Affected

Notified: 2022-01-24 Updated: 2022-01-31

Statement Date: January 24, 2022

CVE-2021-44142 Not Affected

Vendor Statement

HardenedBSD does not ship with Samba in the base operating system.

Illumos Not Affected

Notified: 2022-01-24 Updated: 2022-01-31

Statement Date: January 24, 2022

CVE-2021-44142 Not Affected

Vendor Statement

Samba is not part of illumos proper, but is something distributions add in their own releases.

Internet Initiative Japan Inc. Not Affected

Notified: 2022-01-24 Updated: 2022-01-31

Statement Date: January 25, 2022

CVE-2021-44142 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Joyent Not Affected

Notified: 2022-01-24 Updated: 2022-01-31

Statement Date: January 24, 2022

CVE-2021-44142 Not Affected

Vendor Statement

Triton, our cloud management system, is not affected at all.

SmartOS offers SAMBA via pkgsrc, but it is not part of a base SmartOS system. pkgsrc will update SAMBA when SAMBA updates for this case.

Juniper Networks Not Affected

Notified: 2022-01-24 Updated: 2022-03-01

Statement Date: March 01, 2022

CVE-2021-44142 Not Affected

Vendor Statement

Based on our investigation, we confirm that there are no platforms/products which are affected by this vulnerability.

Security Incident Response Team Juniper Networks

LANCOM Systems GmbH Not Affected

Notified: 2022-01-24 Updated: 2022-02-23

Statement Date: February 23, 2022

CVE-2021-44142 Not Affected

Vendor Statement

We have not received a statement from the vendor.

lwIP Not Affected

Notified: 2022-01-24 Updated: 2022-01-31

Statement Date: January 24, 2022

CVE-2021-44142 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Microsoft Not Affected

Notified: 2022-01-24 Updated: 2022-02-03

Statement Date: February 03, 2022

CVE-2021-44142 Not Affected

Vendor Statement

We have not received a statement from the vendor.

MikroTik Not Affected

Notified: 2022-01-24 Updated: 2022-01-31

Statement Date: January 24, 2022

CVE-2021-44142 Not Affected

Vendor Statement

MikroTik does not use “vfs_fruit module” and therefore is not affected by this CVE.

Miredo Not Affected

Notified: 2022-01-24 Updated: 2022-01-31

Statement Date: January 24, 2022

CVE-2021-44142 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Muonics Inc. Not Affected

Notified: 2022-01-24 Updated: 2022-01-31

Statement Date: January 25, 2022

CVE-2021-44142 Not Affected

Vendor Statement

Muonics does not use Samba in any of its products and thus this vulnerability is not applicable.

netsnmp Not Affected

Notified: 2022-01-24 Updated: 2022-01-31

Statement Date: January 26, 2022

CVE-2021-44142 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Sierra Wireless Not Affected

Notified: 2022-01-24 Updated: 2022-02-14

Statement Date: February 12, 2022

CVE-2021-44142 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Treck Not Affected

Notified: 2022-01-24 Updated: 2022-01-31

Statement Date: January 24, 2022

CVE-2021-44142 Not Affected

Vendor Statement

We have not received a statement from the vendor.

A10 Networks Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

ACCESS Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Actelis Networks Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Actiontec Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

ADATA Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

ADTRAN Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Advantech Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Advantech B-B Technology Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Aerohive Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

AhnLab Inc Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

AirWatch Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Akamai Technologies Inc. Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Alcatel-Lucent Enterprise Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Allied Telesis Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Alpine Linux Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Altran Intelligent Systems Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Amazon Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

ANTlabs Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Apple Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Arcadyan Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Arch Linux Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Arista Networks Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

ARRIS Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

ASUSTeK Computer Inc. Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Atheros Communications Inc Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

AT&T Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Avaya Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Barracuda Networks Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Belden Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Belkin Inc. Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Bell Canada Enterprises Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

BlackBerry Unknown

Notified: 2022-01-24 Updated: 2022-01-31

Statement Date: January 24, 2022

CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Blackberry QNX Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

BlueCat Networks Inc. Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Blue Coat Systems Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Blunk Microsystems Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

BoringSSL Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Broadcom Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Brocade Communication Systems Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Buffalo Technology Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cambium Networks Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

CA Technologies Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Ceragon Networks Inc Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cirpack Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cisco Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Citrix Unknown

Notified: 2022-01-26 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

CMX Systems Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Comcast Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Commscope Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Contiki OS Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cradlepoint Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cricket Wireless Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cypress Semiconductor Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

CZ.NIC Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

dd-wrt Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Debian GNU/Linux Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Dell Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Dell EMC Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

DesktopBSD Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Deutsche Telekom Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

D-Link Systems Inc. Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

dnsmasq Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

DragonFly BSD Project Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

eero Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

EfficientIP Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

ENEA Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Ericsson Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

European Registry for Internet Domains Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Express Logic Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Extreme Networks Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Fedora Project Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

FNet Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Force10 Networks Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Fortinet Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

FreeBSD Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

FreeRTOS Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

F-Secure Corporation Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Gentoo Linux Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

GFI Software Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

GNU adns Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

GNU glibc Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Google Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Grandstream Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Green Hills Software Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

HCC Embedded Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Hewlett Packard Enterprise Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Hitachi Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Honeywell Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

HP Inc. Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

HTC Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Huawei Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

IBM Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

IBM Corporation (zseries) Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

IBM Numa-Q Division (Formerly Sequent) Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

ICASI Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Infoblox Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

InfoExpress Inc. Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Inmarsat Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Intel Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Internet Systems Consortium Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Internet Systems Consortium - DHCP Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

IP Infusion Inc. Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

JH Software Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

JPCERT/CC Vulnerability Handling Team Unknown

Notified: 2022-01-24 Updated: 2022-01-31

Statement Date: January 24, 2022

CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

kubernetes Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Lancope Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Lantronix Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Lenovo Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

LG Electronics Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

LibreSSL Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Linksys Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

LITE-ON Technology Corporation Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

LiteSpeed Technologies Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Lynx Software Technologies Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

m0n0wall Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Marconi Inc. Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Marvell Semiconductor Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

McAfee Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

MediaTek Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Medtronic Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Men & Mice Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Metaswitch Networks Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Microchip Technology Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Micro Focus Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Mitel Networks Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Motorola Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

National Cyber Security Center Netherlands Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

National Cyber Security Centre Finland Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

NCSC-FI Vulnerability Coordinator Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

NEC Corporation Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

NetBSD Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

NetBurner Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

NetComm Wireless Limited Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

NETGEAR Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

NETSCOUT Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

netsnmpj Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Nexenta Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

NIKSUN Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Nixu Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

NLnet Labs Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Nokia Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

OleumTech Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

OpenBSD Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

OpenConnect Ltd Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

OpenDNS Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

OpenIndiana Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

OpenSSL Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Openwall GNU/*/Linux Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Oracle Corporation Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Oryx Embedded Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Paessler Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Palo Alto Networks Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Peplink Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

pfSense Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Philips Electronics Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Phoenix Contact Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

PHPIDS Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

PowerDNS Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Proxim Inc. Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Pulse Secure Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

QLogic Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

QNAP Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Quadros Systems Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Quagga Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Qualcomm Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Quantenna Communications Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Riverbed Technologies Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Roku Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Ruckus Wireless Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Ruijie Networks Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Samsung Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Samsung Mobile Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Samsung Semiconductor Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Schneider Electric Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Secure64 Software Corporation Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

SEIKO EPSON Corp. / Epson America Inc. Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Slackware Linux Inc. Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

SMC Networks Inc. Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

SmoothWall Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Snort Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

SonicWall Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Sonos Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Sony Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Sophos Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Sourcefire Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Symantec Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

systemd Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

TCPWave Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

TDS Telecom Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Technicolor Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Tenable Network Security Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

The OpenBSD project Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

TippingPoint Technologies Inc. Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Tizen Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

TP-LINK Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

TrueOS Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Turbolinux Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Ubiquiti Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Unisys Corporation Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Univention Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Untangle Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

VMware Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Western Digital Unknown

Notified: 2021-11-23 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Wind River Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

WizNET Technology Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

wolfSSL Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Xiaomi Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

XigmaNAS Unknown

Notified: 2022-01-24 Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Xilinx Unknown

Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Zebra Technologies Unknown

Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Zephyr Project Unknown

Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

ZTE Corporation Unknown

Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Zyxel Unknown

Updated: 2022-01-31 CVE-2021-44142 Unknown

Vendor Statement

We have not received a statement from the vendor.

Other Information

CVE IDs: CVE-2021-44142
Date Public: 2022-01-31 Date First Published:
