Samba has fixed a vulnerability in all versions of its software prior to version 4.13.17 that allowed for a remote actor to execute code as root, thanks to an out-of-bounds heap read write vulnerability.
“The specific flaw exists within the parsing of EA metadata when opening files in smbd. Access as a user that has write access to a file’s extended attributes is required to exploit this vulnerability,” Samba said in its security notice.
“Note that this could be a guest or unauthenticated user if such users are allowed write access to file extended attributes.”
Read more…
Source: ZDNet