CVE-2023-4091

See a problem?

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-4091

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-4091.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-4091

Related

Published

2023-11-03T08:15:08Z

Modified

2024-09-16T16:52:56.145505Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N CVSS Calculator

Summary

[none]

Details

A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "aclxattr" is configured with "aclxattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only access but then implicitly truncates the opened file to 0 bytes if the client specifies a separate OVERWRITE create disposition request. The issue arises in configurations that bypass kernel file system permissions checks, relying solely on Samba's permissions.

References

Affected packages

Alpine:v3.18 / samba

Package

Name: samba
Purl: pkg:apk/alpine/samba?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.8-r0

Affected versions

3.*

3.2.8-r0

3.2.8-r1

3.2.10-r0

3.2.11-r0

3.2.11-r1

3.3.4-r0

3.3.5-r0

3.3.5-r1

3.3.5-r2

3.3.6-r0

3.3.7-r0

3.3.7-r1

3.3.7-r2

3.3.7-r3

3.3.7-r4

3.3.8-r0

3.4.3-r0

3.4.3-r1

3.4.4-r0

3.4.5-r0

3.4.5-r1

3.4.7-r0

3.4.7-r1

3.5.2-r0

3.5.3-r0

3.5.4-r0

3.5.4-r1

3.5.5-r0

3.5.6-r0

3.5.6-r1

3.5.6-r2

3.5.6-r3

3.5.6-r4

3.5.7-r0

3.5.8-r0

3.5.9-r0

3.5.9-r1

3.5.10-r0

3.5.11-r0

3.6.1-r0

3.6.1-r1

3.6.1-r2

3.6.2-r0

3.6.3-r0

3.6.4-r0

3.6.4-r1

3.6.5-r0

3.6.6-r0

3.6.7-r0

3.6.7-r1

3.6.8-r0

3.6.8-r1

3.6.9-r0

3.6.10-r0

3.6.11-r0

3.6.12-r0

3.6.13-r0

3.6.13-r1

3.6.15-r0

3.6.16-r0

3.6.19-r0

3.6.19-r1

4.*

4.1.0-r1

4.1.0-r2

4.1.1-r0

4.1.2-r0

4.1.3-r0

4.1.3-r1

4.1.3-r2

4.1.4-r0

4.1.5-r0

4.1.5-r1

4.1.6-r0

4.1.7-r0

4.1.8-r0

4.1.9-r0

4.1.10-r0

4.1.11-r0

4.1.12-r0

4.1.13-r0

4.1.14-r0

4.1.14-r1

4.1.15-r0

4.1.16-r0

4.1.17-r0

4.2.0-r0

4.2.0-r1

4.2.1-r0

4.2.1-r1

4.2.1-r2

4.2.3-r0

4.2.3-r1

4.2.3-r2

4.2.3-r3

4.2.7-r0

4.2.9-r0

4.2.9-r1

4.4.2-r0

4.4.2-r1

4.4.3-r0

4.4.4-r0

4.4.5-r0

4.4.5-r1

4.5.1-r0

4.5.3-r0

4.5.3-r1

4.5.4-r0

4.6.0-r0

4.6.1-r0

4.6.1-r1

4.6.1-r2

4.6.4-r0

4.6.5-r0

4.6.6-r0

4.6.6-r1

4.7.0-r0

4.7.0-r1

4.7.0-r2

4.7.1-r0

4.7.2-r0

4.7.3-r0

4.7.4-r0

4.7.6-r0

4.8.0-r0

4.8.1-r0

4.8.2-r0

4.8.2-r1

4.8.4-r0

4.8.4-r1

4.8.5-r0

4.8.7-r0

4.8.8-r0

4.8.11-r0

4.8.11-r1

4.10.2-r0

4.10.3-r0

4.10.4-r0

4.10.4-r1

4.10.5-r0

4.10.6-r0

4.10.8-r0

4.10.8-r1

4.11.1-r0

4.11.2-r0

4.11.2-r1

4.11.2-r2

4.11.3-r0

4.11.4-r0

4.11.4-r1

4.11.5-r0

4.11.6-r0

4.12.0-r0

4.12.1-r0

4.12.2-r0

4.12.2-r1

4.12.2-r2

4.12.5-r0

4.12.6-r0

4.12.7-r0

4.12.8-r0

4.12.9-r0

4.13.2-r0

4.13.2-r1

4.13.3-r0

4.13.3-r1

4.13.3-r2

4.13.5-r0

4.14.2-r0

4.14.2-r1

4.14.4-r0

4.14.5-r0

4.14.6-r0

4.14.6-r1

4.15.0-r0

4.15.1-r0

4.15.1-r1

4.15.2-r0

4.15.3-r0

4.15.3-r1

4.15.5-r0

4.15.5-r1

4.15.6-r0

4.15.7-r0

4.15.7-r1

4.15.9-r0

4.16.4-r0

4.16.6-r0

4.16.7-r0

4.16.7-r1

4.16.8-r0

4.16.8-r1

4.17.4-r0

4.17.4-r1

4.17.5-r0

4.17.5-r1

4.18.0-r0

4.18.1-r0

4.18.1-r1

4.18.2-r0

4.18.3-r0

4.18.4-r0

4.18.5-r0

4.18.6-r0

4.18.7-r0

Alpine:v3.19 / samba

Package

Name: samba
Purl: pkg:apk/alpine/samba?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.8-r0

Affected versions

3.*

3.2.8-r0

3.2.8-r1

3.2.10-r0

3.2.11-r0

3.2.11-r1

3.3.4-r0

3.3.5-r0

3.3.5-r1

3.3.5-r2

3.3.6-r0

3.3.7-r0

3.3.7-r1

3.3.7-r2

3.3.7-r3

3.3.7-r4

3.3.8-r0

3.4.3-r0

3.4.3-r1

3.4.4-r0

3.4.5-r0

3.4.5-r1

3.4.7-r0

3.4.7-r1

3.5.2-r0

3.5.3-r0

3.5.4-r0

3.5.4-r1

3.5.5-r0

3.5.6-r0

3.5.6-r1

3.5.6-r2

3.5.6-r3

3.5.6-r4

3.5.7-r0

3.5.8-r0

3.5.9-r0

3.5.9-r1

3.5.10-r0

3.5.11-r0

3.6.1-r0

3.6.1-r1

3.6.1-r2

3.6.2-r0

3.6.3-r0

3.6.4-r0

3.6.4-r1

3.6.5-r0

3.6.6-r0

3.6.7-r0

3.6.7-r1

3.6.8-r0

3.6.8-r1

3.6.9-r0

3.6.10-r0

3.6.11-r0

3.6.12-r0

3.6.13-r0

3.6.13-r1

3.6.15-r0

3.6.16-r0

3.6.19-r0

3.6.19-r1

4.*

4.1.0-r1

4.1.0-r2

4.1.1-r0

4.1.2-r0

4.1.3-r0

4.1.3-r1

4.1.3-r2

4.1.4-r0

4.1.5-r0

4.1.5-r1

4.1.6-r0

4.1.7-r0

4.1.8-r0

4.1.9-r0

4.1.10-r0

4.1.11-r0

4.1.12-r0

4.1.13-r0

4.1.14-r0

4.1.14-r1

4.1.15-r0

4.1.16-r0

4.1.17-r0

4.2.0-r0

4.2.0-r1

4.2.1-r0

4.2.1-r1

4.2.1-r2

4.2.3-r0

4.2.3-r1

4.2.3-r2

4.2.3-r3

4.2.7-r0

4.2.9-r0

4.2.9-r1

4.4.2-r0

4.4.2-r1

4.4.3-r0

4.4.4-r0

4.4.5-r0

4.4.5-r1

4.5.1-r0

4.5.3-r0

4.5.3-r1

4.5.4-r0

4.6.0-r0

4.6.1-r0

4.6.1-r1

4.6.1-r2

4.6.4-r0

4.6.5-r0

4.6.6-r0

4.6.6-r1

4.7.0-r0

4.7.0-r1

4.7.0-r2

4.7.1-r0

4.7.2-r0

4.7.3-r0

4.7.4-r0

4.7.6-r0

4.8.0-r0

4.8.1-r0

4.8.2-r0

4.8.2-r1

4.8.4-r0

4.8.4-r1

4.8.5-r0

4.8.7-r0

4.8.8-r0

4.8.11-r0

4.8.11-r1

4.10.2-r0

4.10.3-r0

4.10.4-r0

4.10.4-r1

4.10.5-r0

4.10.6-r0

4.10.8-r0

4.10.8-r1

4.11.1-r0

4.11.2-r0

4.11.2-r1

4.11.2-r2

4.11.3-r0

4.11.4-r0

4.11.4-r1

4.11.5-r0

4.11.6-r0

4.12.0-r0

4.12.1-r0

4.12.2-r0

4.12.2-r1

4.12.2-r2

4.12.5-r0

4.12.6-r0

4.12.7-r0

4.12.8-r0

4.12.9-r0

4.13.2-r0

4.13.2-r1

4.13.3-r0

4.13.3-r1

4.13.3-r2

4.13.5-r0

4.14.2-r0

4.14.2-r1

4.14.4-r0

4.14.5-r0

4.14.6-r0

4.14.6-r1

4.15.0-r0

4.15.1-r0

4.15.1-r1

4.15.2-r0

4.15.3-r0

4.15.3-r1

4.15.5-r0

4.15.5-r1

4.15.6-r0

4.15.7-r0

4.15.7-r1

4.15.9-r0

4.16.4-r0

4.16.6-r0

4.16.7-r0

4.16.7-r1

4.16.8-r0

4.16.8-r1

4.17.4-r0

4.17.4-r1

4.17.5-r0

4.17.5-r1

4.18.0-r0

4.18.1-r0

4.18.1-r1

4.18.2-r0

4.18.3-r0

4.18.3-r1

4.18.4-r0

4.18.5-r0

4.18.5-r1

4.18.6-r0

4.18.7-r0

Alpine:v3.20 / samba

Package

Name: samba
Purl: pkg:apk/alpine/samba?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.8-r0

Affected versions

3.*

3.2.8-r0

3.2.8-r1

3.2.10-r0

3.2.11-r0

3.2.11-r1

3.3.4-r0

3.3.5-r0

3.3.5-r1

3.3.5-r2

3.3.6-r0

3.3.7-r0

3.3.7-r1

3.3.7-r2

3.3.7-r3

3.3.7-r4

3.3.8-r0

3.4.3-r0

3.4.3-r1

3.4.4-r0

3.4.5-r0

3.4.5-r1

3.4.7-r0

3.4.7-r1

3.5.2-r0

3.5.3-r0

3.5.4-r0

3.5.4-r1

3.5.5-r0

3.5.6-r0

3.5.6-r1

3.5.6-r2

3.5.6-r3

3.5.6-r4

3.5.7-r0

3.5.8-r0

3.5.9-r0

3.5.9-r1

3.5.10-r0

3.5.11-r0

3.6.1-r0

3.6.1-r1

3.6.1-r2

3.6.2-r0

3.6.3-r0

3.6.4-r0

3.6.4-r1

3.6.5-r0

3.6.6-r0

3.6.7-r0

3.6.7-r1

3.6.8-r0

3.6.8-r1

3.6.9-r0

3.6.10-r0

3.6.11-r0

3.6.12-r0

3.6.13-r0

3.6.13-r1

3.6.15-r0

3.6.16-r0

3.6.19-r0

3.6.19-r1

4.*

4.1.0-r1

4.1.0-r2

4.1.1-r0

4.1.2-r0

4.1.3-r0

4.1.3-r1

4.1.3-r2

4.1.4-r0

4.1.5-r0

4.1.5-r1

4.1.6-r0

4.1.7-r0

4.1.8-r0

4.1.9-r0

4.1.10-r0

4.1.11-r0

4.1.12-r0

4.1.13-r0

4.1.14-r0

4.1.14-r1

4.1.15-r0

4.1.16-r0

4.1.17-r0

4.2.0-r0

4.2.0-r1

4.2.1-r0

4.2.1-r1

4.2.1-r2

4.2.3-r0

4.2.3-r1

4.2.3-r2

4.2.3-r3

4.2.7-r0

4.2.9-r0

4.2.9-r1

4.4.2-r0

4.4.2-r1

4.4.3-r0

4.4.4-r0

4.4.5-r0

4.4.5-r1

4.5.1-r0

4.5.3-r0

4.5.3-r1

4.5.4-r0

4.6.0-r0

4.6.1-r0

4.6.1-r1

4.6.1-r2

4.6.4-r0

4.6.5-r0

4.6.6-r0

4.6.6-r1

4.7.0-r0

4.7.0-r1

4.7.0-r2

4.7.1-r0

4.7.2-r0

4.7.3-r0

4.7.4-r0

4.7.6-r0

4.8.0-r0

4.8.1-r0

4.8.2-r0

4.8.2-r1

4.8.4-r0

4.8.4-r1

4.8.5-r0

4.8.7-r0

4.8.8-r0

4.8.11-r0

4.8.11-r1

4.10.2-r0

4.10.3-r0

4.10.4-r0

4.10.4-r1

4.10.5-r0

4.10.6-r0

4.10.8-r0

4.10.8-r1

4.11.1-r0

4.11.2-r0

4.11.2-r1

4.11.2-r2

4.11.3-r0

4.11.4-r0

4.11.4-r1

4.11.5-r0

4.11.6-r0

4.12.0-r0

4.12.1-r0

4.12.2-r0

4.12.2-r1

4.12.2-r2

4.12.5-r0

4.12.6-r0

4.12.7-r0

4.12.8-r0

4.12.9-r0

4.13.2-r0

4.13.2-r1

4.13.3-r0

4.13.3-r1

4.13.3-r2

4.13.5-r0

4.14.2-r0

4.14.2-r1

4.14.4-r0

4.14.5-r0

4.14.6-r0

4.14.6-r1

4.15.0-r0

4.15.1-r0

4.15.1-r1

4.15.2-r0

4.15.3-r0

4.15.3-r1

4.15.5-r0

4.15.5-r1

4.15.6-r0

4.15.7-r0

4.15.7-r1

4.15.9-r0

4.16.4-r0

4.16.6-r0

4.16.7-r0

4.16.7-r1

4.16.8-r0

4.16.8-r1

4.17.4-r0

4.17.4-r1

4.17.5-r0

4.17.5-r1

4.18.0-r0

4.18.1-r0

4.18.1-r1

4.18.2-r0

4.18.3-r0

4.18.3-r1

4.18.4-r0

4.18.5-r0

4.18.5-r1

4.18.6-r0

4.18.7-r0

Debian:11 / samba

Package

Name: samba
Purl: pkg:deb/debian/samba?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:4.13.13+dfsg-1~deb11u6

Affected versions

2:4.*

2:4.13.5+dfsg-2

2:4.13.13+dfsg-1~deb11u1

2:4.13.13+dfsg-1~deb11u2

2:4.13.13+dfsg-1~deb11u3

2:4.13.13+dfsg-1~deb11u4

2:4.13.13+dfsg-1~deb11u5

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / samba

Package

Name: samba
Purl: pkg:deb/debian/samba?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:4.17.12+dfsg-0+deb12u1

Affected versions

2:4.*

2:4.17.8+dfsg-2

2:4.17.9+dfsg-0+deb12u1

2:4.17.9+dfsg-0+deb12u2

2:4.17.9+dfsg-0+deb12u3~bpo11+1

2:4.17.9+dfsg-0+deb12u3

2:4.17.10+dfsg-0+deb12u1~bpo11+1

2:4.17.10+dfsg-0+deb12u1

2:4.17.11+dfsg-0+deb12u1

2:4.17.12+dfsg-0+deb12u1~bpo11+1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / samba

Package

Name: samba
Purl: pkg:deb/debian/samba?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:4.19.1+dfsg-1

Affected versions

2:4.*

2:4.17.8+dfsg-2

2:4.18.0~rc1+dfsg-1exp

2:4.18.0~rc2+dfsg-1

2:4.18.0~rc3+dfsg-1

2:4.18.0~rc4+dfsg-1

2:4.18.0+dfsg-1~exp1

2:4.18.1+dfsg-1~exp1

2:4.18.2+dfsg-1

2:4.18.3+dfsg-1

2:4.18.3+dfsg-2

2:4.18.3+dfsg-3

2:4.18.4+dfsg-1

2:4.18.4+dfsg-2~bpo12+1

2:4.18.4+dfsg-2

2:4.18.5+dfsg-1

2:4.18.5+dfsg-2~bpo12+1

2:4.18.5+dfsg-2

2:4.18.6+dfsg-1~bpo12+1

2:4.18.6+dfsg-1

2:4.18.8+dfsg-1~bpo12+1

2:4.19.0~rc1+dfsg-1

2:4.19.0~rc1+dfsg-2

2:4.19.0~rc1+dfsg-3

2:4.19.0~rc2+dfsg-1

2:4.19.0~rc4+dfsg-1

2:4.19.0~rc4+dfsg-2

2:4.19.0+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/samba-team/samba

Affected ranges

Type: GIT
Repo: https://github.com/samba-team/samba
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

7ec207cd4146919e4ee88e5522647c169baf6922

Affected versions

ldb-1.*

ldb-1.1.0

ldb-1.1.10

ldb-1.1.11

ldb-1.1.12

ldb-1.1.13

ldb-1.1.14

ldb-1.1.15

ldb-1.1.16

ldb-1.1.17

ldb-1.1.18

ldb-1.1.19

ldb-1.1.2

ldb-1.1.20

ldb-1.1.21

ldb-1.1.22

ldb-1.1.23

ldb-1.1.24

ldb-1.1.25

ldb-1.1.26

ldb-1.1.27

ldb-1.1.28

ldb-1.1.29

ldb-1.1.3

ldb-1.1.30

ldb-1.1.31

ldb-1.1.4

ldb-1.1.5

ldb-1.1.6

ldb-1.1.8

ldb-1.1.9

ldb-1.2.0

ldb-1.2.1

ldb-1.2.2

ldb-1.3.0

ldb-1.3.1

ldb-1.3.2

ldb-1.4.0

ldb-1.4.1

ldb-1.5.0

ldb-1.5.1

ldb-1.5.2

ldb-1.6.1

ldb-1.6.2

ldb-1.6.3

ldb-2.*

ldb-2.0.5

ldb-2.1.0

ldb-2.1.1

ldb-2.2.0

ldb-2.4.0

ldb-2.5.0

ldb-2.6.0

ldb-2.6.1

ldb-2.6.2

samba-4.*

samba-4.0.0alpha10

samba-4.0.0alpha11

samba-4.0.0alpha13

samba-4.0.0alpha14

samba-4.0.0alpha15

samba-4.0.0alpha16

samba-4.0.0alpha17

samba-4.0.0alpha18

samba-4.0.0alpha19

samba-4.0.0alpha20

samba-4.0.0alpha21

samba-4.0.0alpha6

samba-4.0.0alpha7

samba-4.0.0alpha8

samba-4.0.0alpha9

samba-4.0.0beta1

samba-4.0.0beta2

samba-4.0.0beta3

samba-4.0.0beta4

samba-4.0.0beta5

samba-4.0.0beta6

samba-4.0.0beta7

samba-4.0.0beta8

samba-4.0.0rc1

samba-4.10.0rc1

samba-4.11.0rc1

samba-4.12.0rc1

samba-4.13.0rc1

samba-4.14.0rc1

samba-4.15.0rc1

samba-4.16.0rc1

samba-4.17.0

samba-4.17.0rc1

samba-4.17.0rc2

samba-4.17.0rc3

samba-4.17.0rc4

samba-4.17.0rc5

samba-4.17.1

samba-4.17.10

samba-4.17.11

samba-4.17.2

samba-4.17.3

samba-4.17.4

samba-4.17.5

samba-4.17.6

samba-4.17.7

samba-4.17.8

samba-4.17.9

samba-4.2.0rc1

samba-4.3.0rc1

samba-4.4.0rc1

samba-4.5.0rc1

samba-4.6.0rc1

samba-4.7.0rc1

samba-4.8.0rc1

samba-4.9.0rc1

talloc-1.*

talloc-1.3.1

talloc-2.*

talloc-2.0.0

talloc-2.0.1

talloc-2.0.7

talloc-2.0.8

talloc-2.1.0

talloc-2.1.1

talloc-2.1.10

talloc-2.1.11

talloc-2.1.12

talloc-2.1.13

talloc-2.1.14

talloc-2.1.15

talloc-2.1.16

talloc-2.1.2

talloc-2.1.3

talloc-2.1.4

talloc-2.1.5

talloc-2.1.6

talloc-2.1.7

talloc-2.1.8

talloc-2.1.9

talloc-2.2.0

talloc-2.3.0

talloc-2.3.1

talloc-2.3.2

talloc-2.3.3

talloc-2.3.4

tdb-1.*

tdb-1.1.5

tdb-1.2.0

tdb-1.2.1

tdb-1.2.10

tdb-1.2.11

tdb-1.2.12

tdb-1.2.13

tdb-1.3.0

tdb-1.3.1

tdb-1.3.10

tdb-1.3.11

tdb-1.3.12

tdb-1.3.13

tdb-1.3.14

tdb-1.3.15

tdb-1.3.16

tdb-1.3.17

tdb-1.3.18

tdb-1.3.2

tdb-1.3.3

tdb-1.3.4

tdb-1.3.5

tdb-1.3.6

tdb-1.3.7

tdb-1.3.8

tdb-1.3.9

tdb-1.4.0

tdb-1.4.1

tdb-1.4.2

tdb-1.4.3

tdb-1.4.4

tdb-1.4.5

tdb-1.4.6

tdb-1.4.7

tevent-0.*

tevent-0.10.0

tevent-0.10.1

tevent-0.10.2

tevent-0.11.0

tevent-0.12.0

tevent-0.12.1

tevent-0.13.0

tevent-0.9.11

tevent-0.9.12

tevent-0.9.13

tevent-0.9.14

tevent-0.9.15

tevent-0.9.16

tevent-0.9.17

tevent-0.9.18

tevent-0.9.19

tevent-0.9.20

tevent-0.9.21

tevent-0.9.22

tevent-0.9.23

tevent-0.9.24

tevent-0.9.25

tevent-0.9.26

tevent-0.9.27

tevent-0.9.28

tevent-0.9.29

tevent-0.9.30

tevent-0.9.31

tevent-0.9.32

tevent-0.9.33

tevent-0.9.34

tevent-0.9.35

tevent-0.9.36

tevent-0.9.37

tevent-0.9.38

tevent-0.9.39

tevent-0.9.8