How To Fix The Out-Of-Bounds Write Vulnerability In Samba vfs_fruit Module (CVE-2021-44142)

A security researcher from DEVCORE, Orange Tsai disclosed a critical out-of-bounds write vulnerability in Samba vfs_fruit module along with a medium and low vulnerability. The out-of-bound read/write vulnerability is tracked under CVE-2021-44142 has a base score of 9.9 out of 10. The successful exploitation of the flaw allows remote attackers to execute arbitrary code on the affected machine with the highest root privileges. Since Samba is one of the most common services being used in multiple platforms, we can say that millions of servers are vulnerable to the flaw. It is important to learn how to fix the CVE-2021-44142 vulnerability in Samba. So, let’s see How to Fix the Out-of-Bounds Write Vulnerability In Samba vfs_fruit module (CVE-2021-44142) along with the other two CVE-2021-44141 and CVE-2022-0336 vulnerabilities in this post.

What Is Samba?

As the front page at samba.org says: Samba is a software package that gives network administrators flexibility and freedom in terms of setup, configuration, and choice of systems and equipment. 

Samba is free software used to implement the Server Message Block (SMB) protocol. It’s used to share files over the network. It is also referred to as the Common Internet File System, in short, CIFS. If you ask what platforms support this protocol. The answer is pretty much all. It supports Windows, Linux, and Mac. We have shown how to build a personal cross-platform file-sharing server using Samba on a small computer like Raspberry Pi in a different post. 

What Is Out-Of-Bounds Write Vulnerability?

A simple explanation for this is if a service or a program writes data outside of the boundaries of the buffer. That could be either the beginning or after the end of the allocated buffer.

This could lead to many negative implications, which may include:

Summary Of The Samba vfs_fruit Vulnerability (CVE-2021-44142)?

There are other three vulnerabilities that Samba addressed:

Summary Of CVE-2021-44142:

The out-of-bound heap read/write vulnerability actually lice in the Samba vfs_fruit module, which provides enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver. Attackers can exploit the vulnerability using a specially crafted extended file attribute.

All versions of Samba prior to 4.13.17 are vulnerable to an out-of-bounds heap read/write vulnerability that allows remote attackers to execute arbitrary code as root on affected Samba installations that use the VFS module vfs_fruit.

Summary Of CVE-2021-44141:

Summary Of CVE-2022-0336:

Samba Versions Affected To The Vulnerabilities:

his table helps you learn versions affected by the respective vulnerabilities.

Operating Systems Affected By The Samba Out-Of-Bounds Write Vulnerability:

The most popular Linux distributions RedHat, SUSE, and Ubuntu are affected by the vulnerabilities. All the Distributors have released security updates to fix the vulnerabilities. Please visit their website for more information.

How to Fix the Out-of-Bounds Write Vulnerability In Samba vfs_fruit Module (CVE-2021-44142)?

Samba has fixed all three vulnerabilities in their latest versions 4.13.17, 4.14.12, and 4.15.5. Samba users are urged to update to the recommended versions to fix the vulnerabilities. 

However, there is a workaround for those who can’t immoderately apply the patch. You just need to remove ‘fruit’ VFS module from the list of configured VFS objects in any “vfs objects” line in the Samba configuration smb.conf. 

Please visit the respective Linux distribution website or contact support.

How To Fix The Samba vfs_fruit Vulnerability?

Step 1. Check the Samba version on Linux

$ sudo smbstatus
OR
$ sudo smbd -V
OR
$ sudo smbd –version

Step 2. Add Samba PPA to your system

Use this PPA repo to upgrade or install Samba on Ubuntu Linux.


$ sudo add-apt-repository ppa:linux-schools/samba-latest

Step 3. Update repository

$ sudo apt-get update

Step 4. Upgrade or Install Samba from PPA

$ sudo apt install samba
OR
$ sudo apt install samba

Step 5. Check the Samba version on Linux upon upgrade

$ sudo smbstatus
OR
$ sudo smbd -V
OR
$ sudo smbd –version

We hope this post helps you know How to Fix the Out-of-Bounds Write Vulnerability In Samba vfs_fruit Module (CVE-2021-44142) along with the other two CVE-2021-44141 and CVE-2022-0336 vulnerabilities in Linus machines. Thanks for reading this threat post. Please share this post and help to secure the digital world. Visit our social media page on Facebook, LinkedIn, Twitter, Telegram, Tumblr, & Medium and subscribe to receive updates like this. 

You may also like these articles: