
SMB vulnerability on vfs_fruit module

This vulnerability only affects ELEMENTS NAS users who have "macOS SMB optimisation" enabled in the Workspace section, or ELEMENTS ONE or BOLT systems with a modified "extra SMB option: vfs objects = fruit".

Please see here about details:

Important message regarding CVE-2021-44142 “Samba Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit”.

Recently, Samba released a patch to address an out-of-bounds (OOB) heap read/write vulnerability found in Samba versions prior to 4.13.17. The vulnerability was demonstrated at Pwn2Own Austin 2021 by Nguyễn Hoàng Thạch (@hi_im_d4rkn3ss) and Billy Jheng Bing-Jhong (@st424204) of STAR Labs.

All versions of Samba prior to 4.13.17 are vulnerable to an out-of-bounds heap read/write that allows remote attackers to execute arbitrary code as root on Samba installations that load the VFS module vfs_fruit. The flaw is in the parsing of extended-attribute (EA) metadata when a file is opened, so an attacker needs write access to a file's extended attributes on a share; note that this may include guest or unauthenticated users if they are allowed to write to the share.

The vfs_fruit module that ships with Samba provides enhanced compatibility with Apple SMB clients and interoperability with the Netatalk AFP file server; it is what the ELEMENTS "macOS SMB optimisation" option enables.

The problem exists in the default configuration of the fruit VFS module, i.e. with fruit:metadata = netatalk or fruit:resource = file. A system is only unaffected if both options are set to values other than these defaults. Be aware that switching either option to a non-default value makes the metadata already stored under the old setting inaccessible, so to macOS clients that information will appear lost; removing fruit from the vfs objects list altogether, or updating Samba, are the cleaner fixes.

If you have actively enabled or configured the vfs_fruit module in your smb.conf, we strongly recommend that you contact support to schedule a security check and potential patching of your ELEMENTS system.
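The two conditions above (Samba version and the fruit:metadata / fruit:resource defaults) can be checked from an smb.conf and the output of "smbd -V" before contacting support. The following is an added example written for this notice, not code from ELEMENTS or from the Samba project. The sample configuration is constructed for the demonstration; the fixed release numbers 4.14.12 and 4.15.5 for the later branches are taken from Samba's security release for CVE-2021-44142, not from this notice.

```python
"""Check an smb.conf and an smbd version string for exposure to CVE-2021-44142.

Added example (not ELEMENTS or Samba code). Samba reads section and parameter
names case-insensitively, lets shares inherit [global] values, and treats
'#' and ';' as comment markers; the parser below follows those rules.
"""
import re

# Releases that carry the fix. 4.13.17 is the one named in the advisory;
# 4.14.12 and 4.15.5 are the same fix on the later branches (from Samba's
# security release, assumed correct here). Older branches never got the fix.
FIXED = {(4, 13): (4, 13, 17), (4, 14): (4, 14, 12), (4, 15): (4, 15, 5)}

# Vulnerable defaults: a share is exposed if vfs_fruit is loaded and at
# least one of these options is still at its default value.
VULN_DEFAULTS = {"fruit:metadata": "netatalk", "fruit:resource": "file"}


def parse_smb_conf(text):
    """Return {section_lower: {param_lower: value}} for an smb.conf."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        m = re.match(r"^\[(.+)\]$", line)
        if m:
            current = m.group(1).strip().lower()
            sections.setdefault(current, {})
            continue
        if current is None or "=" not in line:
            continue
        key, _, value = line.partition("=")
        sections[current][key.strip().lower()] = value.strip()
    return sections


def effective(sections, share, key, default):
    """Share value wins over [global], which wins over the built-in default."""
    glob = sections.get("global", {})
    return sections.get(share, {}).get(key, glob.get(key, default)).lower()


def affected_shares(conf_text):
    """Map each exposed share to the list of options still at a vulnerable default."""
    sections = parse_smb_conf(conf_text)
    result = {}
    for share in sections:
        if share == "global":
            continue
        objects = effective(sections, share, "vfs objects", "").split()
        if "fruit" not in objects:
            continue  # vfs_fruit not loaded on this share
        bad = [k for k, d in VULN_DEFAULTS.items()
               if effective(sections, share, k, d) == d]
        if bad:
            result[share] = bad
    return result


def samba_version_fixed(version_output):
    """Parse 'smbd -V' output such as 'Version 4.13.16' and report whether the
    upstream release carries the fix. Branches newer than 4.15 shipped fixed."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", version_output)
    if not m:
        raise ValueError("no version number in %r" % version_output)
    ver = tuple(int(x) for x in m.groups())
    branch = ver[:2]
    if branch in FIXED:
        return ver >= FIXED[branch]
    return branch > (4, 15)


# Constructed sample: [macshare] inherits fruit from [global] and leaves
# fruit:resource at its default, [plain] never loads fruit, [hardened]
# overrides both options.
SAMPLE_SMB_CONF = """
[global]
   workgroup = WORKGROUP
   vfs objects = catia fruit streams_xattr
   fruit:metadata = stream

[macshare]
   path = /srv/mac
   ; fruit:resource not set, so the default 'file' applies

[plain]
   path = /srv/plain
   vfs objects = streams_xattr

[hardened]
   path = /srv/hardened
   fruit:metadata = stream
   fruit:resource = xattr
"""

if __name__ == "__main__":
    print("exposed shares:", affected_shares(SAMPLE_SMB_CONF))
    print("4.13.16 fixed?", samba_version_fixed("Version 4.13.16"))
```

On a real system feed it the contents of /etc/samba/smb.conf (or the output of "testparm -s", which already resolves includes) and the output of "smbd -V". The version check is only conclusive for upstream builds: distribution packages often backport the fix while keeping an older version number, so for a packaged Samba confirm the fix in the package changelog rather than trusting the number alone.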

Read more about the vulnerability here:
https://www.zerodayinitiative.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin

