Security News > 2022 > February > Samba ‘Fruit’ Bug Allows RCE, Full Root User Access

A critical severity vulnerability in the Samba platform could allow attackers to gain remote code execution with root privileges on servers.

Samba is an interoperability suite that allows Windows and Linus/Unix-based hosts to work together and share file and print services with multiplatform devices on a common network, including SMB file-sharing.

The bug specifically is an out-of-bounds heap read/write vulnerability in the VFS module called "Vfs fruit." It affects all versions of Samba prior to v.4.13.17, and carries a rating of 9.9 out of 10 on the CVSS security-vulnerability severity scale.

"The problem in vfs fruit exists in the default configuration of the fruit VFS module using fruit:metadata=netatalk or fruit:resource=file."

Samba credited Orange Tsai from DEVCORE is credited with finding the bug.

There is also a workaround available, according to the company, which involves removing the "Fruit" module from the list of VFS objects in Samba configuration files: "Remove the 'fruit' VFS module from the list of configured VFS objects in any 'vfs objects' line in the Samba configuration smb.conf."

News URL

https://threatpost.com/samba-fruit-bug-rce-root-access/178141/