Versions of Samba 4.4.x prior to 4.4.12, 4.5.x prior to 4.5.7, and 4.6.x prior to 4.6.1 are unpatched, and therefore affected by a race condition that is triggered after the βrealpath()β system call has checked a path. This may allow a local attacker to potentially rename a recently checked path and use a symlink to read from unauthorized parts of the file system.
Binary data 700022.prm