SMB vulnerability in the vfs_fruit module (CVE-2021-44142)
This vulnerability only affects ELEMENTS NAS users that have "macOS SMB optimisation" enabled in the Workspace section, or an ELEMENTS ONE or BOLT with a modified "extra SMB option: vfs objects = fruit".
Please see the details below:
Important message regarding CVE-2021-44142 “Samba Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit”.
Recently, Samba released a patch to address an Out-of-Bounds (OOB) Heap Read/Write vulnerability found in Samba versions prior to 4.13.17 (fixed in the security releases 4.13.17, 4.14.12 and 4.15.5). This vulnerability was disclosed at Pwn2Own Austin 2021 by Nguyễn Hoàng Thạch (@hi_im_d4rkn3ss) and Billy Jheng Bing-Jhong (@st424204) of STAR Labs.
All versions of Samba prior to 4.13.17 are vulnerable to an out-of-bounds heap read/write that allows remote attackers to execute arbitrary code as root on affected Samba installations that use the VFS module vfs_fruit. The attacker needs write access to a file's extended attributes; as Samba's advisory notes, this could be a guest or unauthenticated user if such users are allowed to write extended attributes on the share.
The fruit module that ships with Samba provides enhanced compatibility with Apple SMB clients and interoperability between Samba and Netatalk.
The problem in vfs_fruit exists in the default configuration of the fruit VFS module, i.e. with fruit:metadata=netatalk or fruit:resource=file (these are the defaults, so simply loading the module without setting either option is affected). Only if both options are set to values other than their defaults (for example fruit:metadata=stream and fruit:resource=stream, the workaround given in Samba's advisory) is the system not affected by the security issue. Note that changing these options changes the storage format, so metadata already stored in the netatalk and file formats becomes inaccessible to clients; patching is the preferred fix.
If you have actively enabled or configured the vfs_fruit module in your smb.conf, we strongly recommend that you contact support to schedule a security check and potential patching of your ELEMENTS system.
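To determine whether a given smb.conf falls under the two paragraphs above (vfs_fruit loaded, and fruit:metadata or fruit:resource still at its vulnerable default), the following checker is an added example written for this page; it is not ELEMENTS or Samba code. It parses an smb.conf the way Samba reads it for this purpose (parameter names are case-insensitive and ignore whitespace, share sections inherit [global]), and the sample config embedded in it is constructed for the demonstration:

```python
"""Flag smb.conf shares exposed to CVE-2021-44142 (vfs_fruit at default settings).

Added example for this advisory, not code from ELEMENTS or the Samba project.
Criterion from the Samba advisory: a share is affected if it loads the fruit
VFS module and either fruit:metadata (default "netatalk") or fruit:resource
(default "file") is still at its default value.
"""
import re
import sys

# Vulnerable defaults named in the advisory.
DEFAULTS = {"fruit:metadata": "netatalk", "fruit:resource": "file"}

# Constructed sample config covering the interesting cases.
SAMPLE_SMB_CONF = """
[global]
   workgroup = WORKGROUP
   vfs objects = catia fruit streams_xattr

[projects]
   path = /srv/projects
   ; inherits the global vfs objects line -> exposed at defaults

[editing]
   path = /srv/editing
   fruit:metadata = stream
   fruit:resource = stream
   ; both options non-default -> not affected per the advisory

[archive]
   path = /srv/archive
   vfs objects = streams_xattr
   ; overrides the global list without fruit -> module not loaded

[shared]
   path = /srv/shared
   Fruit:Metadata = stream
   ; only one option changed -> fruit:resource still at default
"""


def normalize(name):
    """Samba parameter names are case-insensitive and ignore whitespace."""
    return re.sub(r"\s+", "", name).lower()


def parse_smb_conf(text):
    """Minimal smb.conf parser: {section: {normalized_param: value}}."""
    sections = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":      # blank or comment line
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1].strip().lower()
            sections[current] = {}
            continue
        if "=" in line and current is not None:
            key, _, value = line.partition("=")
            sections[current][normalize(key)] = value.strip()
    return sections


def effective(sections, share):
    """Share-level parameters override [global]."""
    merged = dict(sections.get("global", {}))
    merged.update(sections.get(share, {}))
    return merged


def affected_shares(text):
    """Return {share: None (fruit not loaded) | [options still at default]}.

    An empty list means fruit is loaded but both options are non-default,
    which the advisory treats as not affected.
    """
    sections = parse_smb_conf(text)
    findings = {}
    for share in sections:
        if share == "global":
            continue
        params = effective(sections, share)
        # "vfs object" is a Samba synonym for "vfs objects".
        modules = (params.get("vfsobjects") or params.get("vfsobject") or "").split()
        if "fruit" not in modules:
            findings[share] = None
            continue
        findings[share] = [
            opt for opt, default in DEFAULTS.items()
            if params.get(normalize(opt), default).lower() == default
        ]
    return findings


def report(findings):
    """Human-readable summary, one line per share."""
    lines = []
    for share, at_default in sorted(findings.items()):
        if at_default is None:
            lines.append(f"[{share}] vfs_fruit not loaded: not affected")
        elif at_default:
            lines.append(f"[{share}] AFFECTED: {', '.join(at_default)} at vulnerable default")
        else:
            lines.append(f"[{share}] vfs_fruit loaded, both options non-default: not affected")
    return "\n".join(lines)


if __name__ == "__main__":
    # Usage: python check_fruit.py /etc/samba/smb.conf  (defaults to the sample)
    conf = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_SMB_CONF
    print(report(affected_shares(conf)))
```

For a real system, feed the script the output of `testparm -s` rather than the raw file, so that include directives and registry-backed settings are resolved before the check. A share reported as AFFECTED needs the Samba update (or the stream/stream workaround with its data-visibility caveat); a share where the module is loaded but both options are non-default is outside the advisory's affected configuration.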
Read more about the vulnerability here:
https://www.zerodayinitiative.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin