Lucene search

K
ubuntucveUbuntu.comUB:CVE-2021-44141
HistoryJan 31, 2022 - 12:00 a.m.

CVE-2021-44141

2022-01-3100:00:00
ubuntu.com
ubuntu.com
32
samba
vulnerability
malicious client
symlink
file system
smb1
unix extensions

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:N/A:N

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

EPSS

0.001

Percentile

22.8%

All versions of Samba prior to 4.15.5 are vulnerable to a malicious client
using a server symlink to determine if a file or directory exists in an
area of the server file system not exported under the share definition.
SMB1 with unix extensions has to be enabled in order for this attack to
succeed.

Bugs

Notes

Author Note
mdeslaur per upstream, fixing this required a whole rewrite of the VFS layer and there is no reasonable way to fix this in versions older than 4.15.x. Marking this CVE as ignored for older releases.

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:N/A:N

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

EPSS

0.001

Percentile

22.8%