Samba is available on IBM i to provide file system access. Samba is vulnerable to the issues described in the vulnerability details section. IBM i has addressed the applicable CVEs in the Samba implementation by providing a fix.
CVEID:CVE-2021-43566
**DESCRIPTION:**Samba could allow a remote authenticated attacker to bypass security restrictions, caused by a symlink race error. By using a specially-crafted SMB1 or NFS symlink, an attacker could exploit this vulnerability to create a directory in a part of the server file system not exported under the share definition.
CVSS Base score: 2.6
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/217058 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N)
CVEID:CVE-2021-44141
**DESCRIPTION:**Samba could allow a remote authenticated attacker to obtain sensitive information. By querying a symlink inside the exported share using SMB1 with unix extensions turned on, an attacker could exploit this vulnerability to discover if a named or directory exists on the filesystem outside of the exported share.
CVSS Base score: 6.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/218468 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
Affected Product(s) | Version(s) |
---|---|
IBM i | 7.4 |
IBM i | 7.3 |
The issues can be fixed by applying a PTF to IBM i. Releases 7.4 and 7.3 of IBM i will be fixed.
The IBM i PTF numbers containing the fix for the CVEs are:
Release 7.4 - SI78680
Release 7.3 - SI78679
https://www.ibm.com/support/fixcentral
_Important note: _IBM recommends that all users running unsupported versions of affected products upgrade to supported and fixed version of affected products.
None