A vulnerability has been discovered in Samba which could allow for arbitrary code execution. Samba is the standard Windows interoperability suite of programs for Linux and Unix. Successful exploitation of this vulnerability could result in arbitrary code execution as root on affected Samba installations that use the VFS module vfs_fruit. Depending on the permission associated with the application running the exploit, an attacker could then install programs; view, change, or delete data.

THREAT INTELLIGENCE:

There are currently no reports of this vulnerability being exploited in the wild.

A vulnerability has been discovered in Samba installations that use the vfs_fruit module, which could allow for arbitrary code execution. An out-of-bounds heap read write vulnerability exists within the parsing of EA metadata when opening files in smbd. Access as a user that has write access to a file's extended attributes is required to exploit this vulnerability. This could be a guest or unauthenticated user if such users are allowed write access to file extended attributes. The problem in vfs_fruit exists in the default configuration of the fruit VFS module using fruit:metadata=netatalk or fruit:resource=file. If both options are set to different settings than the default values, the system is not affected by the security issue.

Successful exploitation of this vulnerability could result in arbitrary code execution as root on affected Samba installations. Depending on the permission associated with the application running the exploit, an attacker could then install programs; view, change, or delete data.