CVE-2021-44142

Source
https://nvd.nist.gov/vuln/detail/CVE-2021-44142
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-44142.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2021-44142
Related
Published
2022-02-21T15:15:07Z
Modified
2024-10-12T08:38:38.593950Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

The Samba vfsfruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfsfruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root.

References

Affected packages

Alpine:v3.13 / samba

Package

Name
samba
Purl
pkg:apk/alpine/samba?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.13.17-r0

Affected versions

3.*

3.2.8-r0
3.2.8-r1
3.2.10-r0
3.2.11-r0
3.2.11-r1
3.3.4-r0
3.3.5-r0
3.3.5-r1
3.3.5-r2
3.3.6-r0
3.3.7-r0
3.3.7-r1
3.3.7-r2
3.3.7-r3
3.3.7-r4
3.3.8-r0
3.4.3-r0
3.4.3-r1
3.4.4-r0
3.4.5-r0
3.4.5-r1
3.4.7-r0
3.4.7-r1
3.5.2-r0
3.5.3-r0
3.5.4-r0
3.5.4-r1
3.5.5-r0
3.5.6-r0
3.5.6-r1
3.5.6-r2
3.5.6-r3
3.5.6-r4
3.5.7-r0
3.5.8-r0
3.5.9-r0
3.5.9-r1
3.5.10-r0
3.5.11-r0
3.6.1-r0
3.6.1-r1
3.6.1-r2
3.6.2-r0
3.6.3-r0
3.6.4-r0
3.6.4-r1
3.6.5-r0
3.6.6-r0
3.6.7-r0
3.6.7-r1
3.6.8-r0
3.6.8-r1
3.6.9-r0
3.6.10-r0
3.6.11-r0
3.6.12-r0
3.6.13-r0
3.6.13-r1
3.6.15-r0
3.6.16-r0
3.6.19-r0
3.6.19-r1

4.*

4.1.0-r1
4.1.0-r2
4.1.1-r0
4.1.2-r0
4.1.3-r0
4.1.3-r1
4.1.3-r2
4.1.4-r0
4.1.5-r0
4.1.5-r1
4.1.6-r0
4.1.7-r0
4.1.8-r0
4.1.9-r0
4.1.10-r0
4.1.11-r0
4.1.12-r0
4.1.13-r0
4.1.14-r0
4.1.14-r1
4.1.15-r0
4.1.16-r0
4.1.17-r0
4.2.0-r0
4.2.0-r1
4.2.1-r0
4.2.1-r1
4.2.1-r2
4.2.3-r0
4.2.3-r1
4.2.3-r2
4.2.3-r3
4.2.7-r0
4.2.9-r0
4.2.9-r1
4.4.2-r0
4.4.2-r1
4.4.3-r0
4.4.4-r0
4.4.5-r0
4.4.5-r1
4.5.1-r0
4.5.3-r0
4.5.3-r1
4.5.4-r0
4.6.0-r0
4.6.1-r0
4.6.1-r1
4.6.1-r2
4.6.4-r0
4.6.5-r0
4.6.6-r0
4.6.6-r1
4.7.0-r0
4.7.0-r1
4.7.0-r2
4.7.1-r0
4.7.2-r0
4.7.3-r0
4.7.4-r0
4.7.6-r0
4.8.0-r0
4.8.1-r0
4.8.2-r0
4.8.2-r1
4.8.4-r0
4.8.4-r1
4.8.5-r0
4.8.7-r0
4.8.8-r0
4.8.11-r0
4.8.11-r1
4.10.2-r0
4.10.3-r0
4.10.4-r0
4.10.4-r1
4.10.5-r0
4.10.6-r0
4.10.8-r0
4.10.8-r1
4.11.1-r0
4.11.2-r0
4.11.2-r1
4.11.2-r2
4.11.3-r0
4.11.4-r0
4.11.4-r1
4.11.5-r0
4.11.6-r0
4.12.0-r0
4.12.1-r0
4.12.2-r0
4.12.2-r1
4.12.2-r2
4.12.5-r0
4.12.6-r0
4.12.7-r0
4.12.8-r0
4.12.9-r0
4.13.2-r0
4.13.2-r1
4.13.3-r0
4.13.3-r1
4.13.7-r0
4.13.8-r0

Alpine:v3.14 / samba

Package

Name
samba
Purl
pkg:apk/alpine/samba?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.14.12-r0

Affected versions

3.*

3.2.8-r0
3.2.8-r1
3.2.10-r0
3.2.11-r0
3.2.11-r1
3.3.4-r0
3.3.5-r0
3.3.5-r1
3.3.5-r2
3.3.6-r0
3.3.7-r0
3.3.7-r1
3.3.7-r2
3.3.7-r3
3.3.7-r4
3.3.8-r0
3.4.3-r0
3.4.3-r1
3.4.4-r0
3.4.5-r0
3.4.5-r1
3.4.7-r0
3.4.7-r1
3.5.2-r0
3.5.3-r0
3.5.4-r0
3.5.4-r1
3.5.5-r0
3.5.6-r0
3.5.6-r1
3.5.6-r2
3.5.6-r3
3.5.6-r4
3.5.7-r0
3.5.8-r0
3.5.9-r0
3.5.9-r1
3.5.10-r0
3.5.11-r0
3.6.1-r0
3.6.1-r1
3.6.1-r2
3.6.2-r0
3.6.3-r0
3.6.4-r0
3.6.4-r1
3.6.5-r0
3.6.6-r0
3.6.7-r0
3.6.7-r1
3.6.8-r0
3.6.8-r1
3.6.9-r0
3.6.10-r0
3.6.11-r0
3.6.12-r0
3.6.13-r0
3.6.13-r1
3.6.15-r0
3.6.16-r0
3.6.19-r0
3.6.19-r1

4.*

4.1.0-r1
4.1.0-r2
4.1.1-r0
4.1.2-r0
4.1.3-r0
4.1.3-r1
4.1.3-r2
4.1.4-r0
4.1.5-r0
4.1.5-r1
4.1.6-r0
4.1.7-r0
4.1.8-r0
4.1.9-r0
4.1.10-r0
4.1.11-r0
4.1.12-r0
4.1.13-r0
4.1.14-r0
4.1.14-r1
4.1.15-r0
4.1.16-r0
4.1.17-r0
4.2.0-r0
4.2.0-r1
4.2.1-r0
4.2.1-r1
4.2.1-r2
4.2.3-r0
4.2.3-r1
4.2.3-r2
4.2.3-r3
4.2.7-r0
4.2.9-r0
4.2.9-r1
4.4.2-r0
4.4.2-r1
4.4.3-r0
4.4.4-r0
4.4.5-r0
4.4.5-r1
4.5.1-r0
4.5.3-r0
4.5.3-r1
4.5.4-r0
4.6.0-r0
4.6.1-r0
4.6.1-r1
4.6.1-r2
4.6.4-r0
4.6.5-r0
4.6.6-r0
4.6.6-r1
4.7.0-r0
4.7.0-r1
4.7.0-r2
4.7.1-r0
4.7.2-r0
4.7.3-r0
4.7.4-r0
4.7.6-r0
4.8.0-r0
4.8.1-r0
4.8.2-r0
4.8.2-r1
4.8.4-r0
4.8.4-r1
4.8.5-r0
4.8.7-r0
4.8.8-r0
4.8.11-r0
4.8.11-r1
4.10.2-r0
4.10.3-r0
4.10.4-r0
4.10.4-r1
4.10.5-r0
4.10.6-r0
4.10.8-r0
4.10.8-r1
4.11.1-r0
4.11.2-r0
4.11.2-r1
4.11.2-r2
4.11.3-r0
4.11.4-r0
4.11.4-r1
4.11.5-r0
4.11.6-r0
4.12.0-r0
4.12.1-r0
4.12.2-r0
4.12.2-r1
4.12.2-r2
4.12.5-r0
4.12.6-r0
4.12.7-r0
4.12.8-r0
4.12.9-r0
4.13.2-r0
4.13.2-r1
4.13.3-r0
4.13.3-r1
4.13.3-r2
4.13.5-r0
4.14.2-r0
4.14.2-r1
4.14.4-r0
4.14.5-r0
4.14.8-r0

Alpine:v3.15 / samba

Package

Name
samba
Purl
pkg:apk/alpine/samba?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.15.12-r0

Affected versions

3.*

3.2.8-r0
3.2.8-r1
3.2.10-r0
3.2.11-r0
3.2.11-r1
3.3.4-r0
3.3.5-r0
3.3.5-r1
3.3.5-r2
3.3.6-r0
3.3.7-r0
3.3.7-r1
3.3.7-r2
3.3.7-r3
3.3.7-r4
3.3.8-r0
3.4.3-r0
3.4.3-r1
3.4.4-r0
3.4.5-r0
3.4.5-r1
3.4.7-r0
3.4.7-r1
3.5.2-r0
3.5.3-r0
3.5.4-r0
3.5.4-r1
3.5.5-r0
3.5.6-r0
3.5.6-r1
3.5.6-r2
3.5.6-r3
3.5.6-r4
3.5.7-r0
3.5.8-r0
3.5.9-r0
3.5.9-r1
3.5.10-r0
3.5.11-r0
3.6.1-r0
3.6.1-r1
3.6.1-r2
3.6.2-r0
3.6.3-r0
3.6.4-r0
3.6.4-r1
3.6.5-r0
3.6.6-r0
3.6.7-r0
3.6.7-r1
3.6.8-r0
3.6.8-r1
3.6.9-r0
3.6.10-r0
3.6.11-r0
3.6.12-r0
3.6.13-r0
3.6.13-r1
3.6.15-r0
3.6.16-r0
3.6.19-r0
3.6.19-r1

4.*

4.1.0-r1
4.1.0-r2
4.1.1-r0
4.1.2-r0
4.1.3-r0
4.1.3-r1
4.1.3-r2
4.1.4-r0
4.1.5-r0
4.1.5-r1
4.1.6-r0
4.1.7-r0
4.1.8-r0
4.1.9-r0
4.1.10-r0
4.1.11-r0
4.1.12-r0
4.1.13-r0
4.1.14-r0
4.1.14-r1
4.1.15-r0
4.1.16-r0
4.1.17-r0
4.2.0-r0
4.2.0-r1
4.2.1-r0
4.2.1-r1
4.2.1-r2
4.2.3-r0
4.2.3-r1
4.2.3-r2
4.2.3-r3
4.2.7-r0
4.2.9-r0
4.2.9-r1
4.4.2-r0
4.4.2-r1
4.4.3-r0
4.4.4-r0
4.4.5-r0
4.4.5-r1
4.5.1-r0
4.5.3-r0
4.5.3-r1
4.5.4-r0
4.6.0-r0
4.6.1-r0
4.6.1-r1
4.6.1-r2
4.6.4-r0
4.6.5-r0
4.6.6-r0
4.6.6-r1
4.7.0-r0
4.7.0-r1
4.7.0-r2
4.7.1-r0
4.7.2-r0
4.7.3-r0
4.7.4-r0
4.7.6-r0
4.8.0-r0
4.8.1-r0
4.8.2-r0
4.8.2-r1
4.8.4-r0
4.8.4-r1
4.8.5-r0
4.8.7-r0
4.8.8-r0
4.8.11-r0
4.8.11-r1
4.10.2-r0
4.10.3-r0
4.10.4-r0
4.10.4-r1
4.10.5-r0
4.10.6-r0
4.10.8-r0
4.10.8-r1
4.11.1-r0
4.11.2-r0
4.11.2-r1
4.11.2-r2
4.11.3-r0
4.11.4-r0
4.11.4-r1
4.11.5-r0
4.11.6-r0
4.12.0-r0
4.12.1-r0
4.12.2-r0
4.12.2-r1
4.12.2-r2
4.12.5-r0
4.12.6-r0
4.12.7-r0
4.12.8-r0
4.12.9-r0
4.13.2-r0
4.13.2-r1
4.13.3-r0
4.13.3-r1
4.13.3-r2
4.13.5-r0
4.14.2-r0
4.14.2-r1
4.14.4-r0
4.14.5-r0
4.14.6-r0
4.14.6-r1
4.15.0-r0
4.15.1-r0
4.15.1-r1
4.15.2-r0
4.15.5-r0

Alpine:v3.16 / samba

Package

Name
samba
Purl
pkg:apk/alpine/samba?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.15.12-r0

Affected versions

3.*

3.2.8-r0
3.2.8-r1
3.2.10-r0
3.2.11-r0
3.2.11-r1
3.3.4-r0
3.3.5-r0
3.3.5-r1
3.3.5-r2
3.3.6-r0
3.3.7-r0
3.3.7-r1
3.3.7-r2
3.3.7-r3
3.3.7-r4
3.3.8-r0
3.4.3-r0
3.4.3-r1
3.4.4-r0
3.4.5-r0
3.4.5-r1
3.4.7-r0
3.4.7-r1
3.5.2-r0
3.5.3-r0
3.5.4-r0
3.5.4-r1
3.5.5-r0
3.5.6-r0
3.5.6-r1
3.5.6-r2
3.5.6-r3
3.5.6-r4
3.5.7-r0
3.5.8-r0
3.5.9-r0
3.5.9-r1
3.5.10-r0
3.5.11-r0
3.6.1-r0
3.6.1-r1
3.6.1-r2
3.6.2-r0
3.6.3-r0
3.6.4-r0
3.6.4-r1
3.6.5-r0
3.6.6-r0
3.6.7-r0
3.6.7-r1
3.6.8-r0
3.6.8-r1
3.6.9-r0
3.6.10-r0
3.6.11-r0
3.6.12-r0
3.6.13-r0
3.6.13-r1
3.6.15-r0
3.6.16-r0
3.6.19-r0
3.6.19-r1

4.*

4.1.0-r1
4.1.0-r2
4.1.1-r0
4.1.2-r0
4.1.3-r0
4.1.3-r1
4.1.3-r2
4.1.4-r0
4.1.5-r0
4.1.5-r1
4.1.6-r0
4.1.7-r0
4.1.8-r0
4.1.9-r0
4.1.10-r0
4.1.11-r0
4.1.12-r0
4.1.13-r0
4.1.14-r0
4.1.14-r1
4.1.15-r0
4.1.16-r0
4.1.17-r0
4.2.0-r0
4.2.0-r1
4.2.1-r0
4.2.1-r1
4.2.1-r2
4.2.3-r0
4.2.3-r1
4.2.3-r2
4.2.3-r3
4.2.7-r0
4.2.9-r0
4.2.9-r1
4.4.2-r0
4.4.2-r1
4.4.3-r0
4.4.4-r0
4.4.5-r0
4.4.5-r1
4.5.1-r0
4.5.3-r0
4.5.3-r1
4.5.4-r0
4.6.0-r0
4.6.1-r0
4.6.1-r1
4.6.1-r2
4.6.4-r0
4.6.5-r0
4.6.6-r0
4.6.6-r1
4.7.0-r0
4.7.0-r1
4.7.0-r2
4.7.1-r0
4.7.2-r0
4.7.3-r0
4.7.4-r0
4.7.6-r0
4.8.0-r0
4.8.1-r0
4.8.2-r0
4.8.2-r1
4.8.4-r0
4.8.4-r1
4.8.5-r0
4.8.7-r0
4.8.8-r0
4.8.11-r0
4.8.11-r1
4.10.2-r0
4.10.3-r0
4.10.4-r0
4.10.4-r1
4.10.5-r0
4.10.6-r0
4.10.8-r0
4.10.8-r1
4.11.1-r0
4.11.2-r0
4.11.2-r1
4.11.2-r2
4.11.3-r0
4.11.4-r0
4.11.4-r1
4.11.5-r0
4.11.6-r0
4.12.0-r0
4.12.1-r0
4.12.2-r0
4.12.2-r1
4.12.2-r2
4.12.5-r0
4.12.6-r0
4.12.7-r0
4.12.8-r0
4.12.9-r0
4.13.2-r0
4.13.2-r1
4.13.3-r0
4.13.3-r1
4.13.3-r2
4.13.5-r0
4.14.2-r0
4.14.2-r1
4.14.4-r0
4.14.5-r0
4.14.6-r0
4.14.6-r1
4.15.0-r0
4.15.1-r0
4.15.1-r1
4.15.2-r0
4.15.3-r0
4.15.3-r1
4.15.5-r0
4.15.5-r1
4.15.6-r0
4.15.7-r0

Debian:11 / samba

Package

Name
samba
Purl
pkg:deb/debian/samba?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:4.13.13+dfsg-1~deb11u3

Affected versions

2:4.*

2:4.13.5+dfsg-2
2:4.13.13+dfsg-1~deb11u1
2:4.13.13+dfsg-1~deb11u2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / samba

Package

Name
samba
Purl
pkg:deb/debian/samba?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:4.16.0+dfsg-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / samba

Package

Name
samba
Purl
pkg:deb/debian/samba?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:4.16.0+dfsg-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/samba-team/samba

Affected ranges

Type
GIT
Repo
https://github.com/samba-team/samba
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

ldb-1.*

ldb-1.1.0
ldb-1.1.10
ldb-1.1.11
ldb-1.1.12
ldb-1.1.13
ldb-1.1.14
ldb-1.1.15
ldb-1.1.16
ldb-1.1.17
ldb-1.1.18
ldb-1.1.19
ldb-1.1.2
ldb-1.1.20
ldb-1.1.21
ldb-1.1.22
ldb-1.1.23
ldb-1.1.24
ldb-1.1.25
ldb-1.1.26
ldb-1.1.27
ldb-1.1.28
ldb-1.1.29
ldb-1.1.3
ldb-1.1.30
ldb-1.1.31
ldb-1.1.4
ldb-1.1.5
ldb-1.1.6
ldb-1.1.8
ldb-1.1.9
ldb-1.2.0
ldb-1.2.1
ldb-1.2.2
ldb-1.3.0
ldb-1.3.1
ldb-1.3.2
ldb-1.4.0
ldb-1.4.1
ldb-1.5.0
ldb-1.5.1
ldb-1.5.2
ldb-1.6.1
ldb-1.6.2
ldb-1.6.3

ldb-2.*

ldb-2.0.5
ldb-2.1.0
ldb-2.1.1
ldb-2.2.0
ldb-2.2.1
ldb-2.2.2
ldb-2.2.3

samba-4.*

samba-4.0.0alpha10
samba-4.0.0alpha11
samba-4.0.0alpha13
samba-4.0.0alpha14
samba-4.0.0alpha15
samba-4.0.0alpha16
samba-4.0.0alpha17
samba-4.0.0alpha18
samba-4.0.0alpha19
samba-4.0.0alpha20
samba-4.0.0alpha21
samba-4.0.0alpha6
samba-4.0.0alpha7
samba-4.0.0alpha8
samba-4.0.0alpha9
samba-4.0.0beta1
samba-4.0.0beta2
samba-4.0.0beta3
samba-4.0.0beta4
samba-4.0.0beta5
samba-4.0.0beta6
samba-4.0.0beta7
samba-4.0.0beta8
samba-4.0.0rc1
samba-4.10.0rc1
samba-4.11.0rc1
samba-4.12.0rc1
samba-4.13.0
samba-4.13.0rc1
samba-4.13.0rc2
samba-4.13.0rc3
samba-4.13.0rc4
samba-4.13.0rc5
samba-4.13.0rc6
samba-4.13.1
samba-4.13.10
samba-4.13.11
samba-4.13.12
samba-4.13.13
samba-4.13.14
samba-4.13.15
samba-4.13.16
samba-4.13.2
samba-4.13.3
samba-4.13.4
samba-4.13.5
samba-4.13.6
samba-4.13.7
samba-4.13.8
samba-4.13.9
samba-4.2.0rc1
samba-4.3.0rc1
samba-4.4.0rc1
samba-4.5.0rc1
samba-4.6.0rc1
samba-4.7.0rc1
samba-4.8.0rc1
samba-4.9.0rc1

talloc-1.*

talloc-1.3.1

talloc-2.*

talloc-2.0.0
talloc-2.0.1
talloc-2.0.7
talloc-2.0.8
talloc-2.1.0
talloc-2.1.1
talloc-2.1.10
talloc-2.1.11
talloc-2.1.12
talloc-2.1.13
talloc-2.1.14
talloc-2.1.15
talloc-2.1.16
talloc-2.1.2
talloc-2.1.3
talloc-2.1.4
talloc-2.1.5
talloc-2.1.6
talloc-2.1.7
talloc-2.1.8
talloc-2.1.9
talloc-2.2.0
talloc-2.3.0
talloc-2.3.1

tdb-1.*

tdb-1.1.5
tdb-1.2.0
tdb-1.2.1
tdb-1.2.10
tdb-1.2.11
tdb-1.2.12
tdb-1.2.13
tdb-1.3.0
tdb-1.3.1
tdb-1.3.10
tdb-1.3.11
tdb-1.3.12
tdb-1.3.13
tdb-1.3.14
tdb-1.3.15
tdb-1.3.16
tdb-1.3.17
tdb-1.3.18
tdb-1.3.2
tdb-1.3.3
tdb-1.3.4
tdb-1.3.5
tdb-1.3.6
tdb-1.3.7
tdb-1.3.8
tdb-1.3.9
tdb-1.4.0
tdb-1.4.1
tdb-1.4.2
tdb-1.4.3

tevent-0.*

tevent-0.10.0
tevent-0.10.1
tevent-0.10.2
tevent-0.9.11
tevent-0.9.12
tevent-0.9.13
tevent-0.9.14
tevent-0.9.15
tevent-0.9.16
tevent-0.9.17
tevent-0.9.18
tevent-0.9.19
tevent-0.9.20
tevent-0.9.21
tevent-0.9.22
tevent-0.9.23
tevent-0.9.24
tevent-0.9.25
tevent-0.9.26
tevent-0.9.27
tevent-0.9.28
tevent-0.9.29
tevent-0.9.30
tevent-0.9.31
tevent-0.9.32
tevent-0.9.33
tevent-0.9.34
tevent-0.9.35
tevent-0.9.36
tevent-0.9.37
tevent-0.9.38
tevent-0.9.39
tevent-0.9.8