CVE-2021-44141

All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed.
Link Following
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 54%
Affected Products (NVD)
VendorProductVersion
sambasamba
𝑥
< 4.15.5
redhatstorage
3.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
samba
bookworm
2:4.17.12+dfsg-0+deb12u1
fixed
bookworm (security)
2:4.17.12+dfsg-0+deb12u1
fixed
bullseye
ignored
bullseye (security)
vulnerable
buster
ignored
sid
2:4.21.1+dfsg-2
fixed
trixie
2:4.21.1+dfsg-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
samba
bionic
ignored
focal
ignored
impish
ignored
jammy
ignored
trusty
ignored
xenial
ignored
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
apache2-mod_apparmor
suse enterprise sap 15 SP3
2.13.6-150300.3.11.2
fixed
suse enterprise server 15 SP3
2.13.6-150300.3.11.2
fixed
apparmor-abstractions
suse enterprise desktop 15 SP3
2.13.6-150300.3.11.2
fixed
suse enterprise sap 15 SP3
2.13.6-150300.3.11.2
fixed
suse enterprise server 15 SP3
2.13.6-150300.3.11.2
fixed
apparmor-docs
suse enterprise desktop 15 SP3
2.13.6-150300.3.11.2
fixed
suse enterprise sap 15 SP3
2.13.6-150300.3.11.2
fixed
suse enterprise server 15 SP3
2.13.6-150300.3.11.2
fixed
apparmor-parser
suse enterprise desktop 15 SP3
2.13.6-150300.3.11.2
fixed
suse enterprise sap 15 SP3
2.13.6-150300.3.11.2
fixed
suse enterprise server 15 SP3
2.13.6-150300.3.11.2
fixed
apparmor-parser-lang
suse enterprise desktop 15 SP3
2.13.6-150300.3.11.2
fixed
suse enterprise sap 15 SP3
2.13.6-150300.3.11.2
fixed
suse enterprise server 15 SP3
2.13.6-150300.3.11.2
fixed
apparmor-profiles
suse enterprise desktop 15 SP3
2.13.6-150300.3.11.2
fixed
suse enterprise sap 15 SP3
2.13.6-150300.3.11.2
fixed
suse enterprise server 15 SP3
2.13.6-150300.3.11.2
fixed
apparmor-utils
suse enterprise desktop 15 SP3
2.13.6-150300.3.11.2
fixed
suse enterprise sap 15 SP3
2.13.6-150300.3.11.2
fixed
suse enterprise server 15 SP3
2.13.6-150300.3.11.2
fixed
apparmor-utils-lang
suse enterprise desktop 15 SP3
2.13.6-150300.3.11.2
fixed
suse enterprise sap 15 SP3
2.13.6-150300.3.11.2
fixed
suse enterprise server 15 SP3
2.13.6-150300.3.11.2
fixed
krb5
suse enterprise desktop 15 SP3
1.19.2-150300.8.3.2
fixed
suse enterprise sap 15 SP3
1.19.2-150300.8.3.2
fixed
suse enterprise server 15 SP3
1.19.2-150300.8.3.2
fixed
krb5-32bit
suse enterprise desktop 15 SP3
1.19.2-150300.8.3.2
fixed
suse enterprise sap 15 SP3
1.19.2-150300.8.3.2
fixed
suse enterprise server 15 SP3
1.19.2-150300.8.3.2
fixed
krb5-client
suse enterprise desktop 15 SP3
1.19.2-150300.8.3.2
fixed
suse enterprise sap 15 SP3
1.19.2-150300.8.3.2
fixed
suse enterprise server 15 SP3
1.19.2-150300.8.3.2
fixed
krb5-devel
suse enterprise desktop 15 SP3
1.19.2-150300.8.3.2
fixed
suse enterprise sap 15 SP3
1.19.2-150300.8.3.2
fixed
suse enterprise server 15 SP3
1.19.2-150300.8.3.2
fixed
krb5-plugin-kdb-ldap
suse enterprise sap 15 SP3
1.19.2-150300.8.3.2
fixed
suse enterprise server 15 SP3
1.19.2-150300.8.3.2
fixed
krb5-plugin-preauth-otp
suse enterprise desktop 15 SP3
1.19.2-150300.8.3.2
fixed
suse enterprise sap 15 SP3
1.19.2-150300.8.3.2
fixed
suse enterprise server 15 SP3
1.19.2-150300.8.3.2
fixed
krb5-plugin-preauth-pkinit
suse enterprise desktop 15 SP3
1.19.2-150300.8.3.2
fixed
suse enterprise sap 15 SP3
1.19.2-150300.8.3.2
fixed
suse enterprise server 15 SP3
1.19.2-150300.8.3.2
fixed
krb5-plugin-preauth-spake
suse enterprise desktop 15 SP3
1.19.2-150300.8.3.2
fixed
suse enterprise sap 15 SP3
1.19.2-150300.8.3.2
fixed
suse enterprise server 15 SP3
1.19.2-150300.8.3.2
fixed
krb5-server
suse enterprise sap 15 SP3
1.19.2-150300.8.3.2
fixed
suse enterprise server 15 SP3
1.19.2-150300.8.3.2
fixed
ldb-tools
suse enterprise desktop 15 SP3
2.4.1-150300.3.10.1
fixed
suse enterprise sap 15 SP3
2.4.1-150300.3.10.1
fixed
suse enterprise server 15 SP3
2.4.1-150300.3.10.1
fixed
libapparmor-devel
suse enterprise desktop 15 SP3
2.13.6-150300.3.11.1
fixed
suse enterprise sap 15 SP3
2.13.6-150300.3.11.1
fixed
suse enterprise server 15 SP3
2.13.6-150300.3.11.1
fixed
libapparmor1
suse enterprise desktop 15 SP3
2.13.6-150300.3.11.1
fixed
suse enterprise sap 15 SP3
2.13.6-150300.3.11.1
fixed
suse enterprise server 15 SP3
2.13.6-150300.3.11.1
fixed
libapparmor1-32bit
suse enterprise desktop 15 SP3
2.13.6-150300.3.11.1
fixed
suse enterprise sap 15 SP3
2.13.6-150300.3.11.1
fixed
suse enterprise server 15 SP3
2.13.6-150300.3.11.1
fixed
libipa_hbac-devel
suse enterprise desktop 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise sap 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise server 15 SP3
1.16.1-150300.23.17.3
fixed
libipa_hbac0
suse enterprise desktop 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise sap 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise server 15 SP3
1.16.1-150300.23.17.3
fixed
libldb-devel
suse enterprise desktop 15 SP3
2.4.1-150300.3.10.1
fixed
suse enterprise sap 15 SP3
2.4.1-150300.3.10.1
fixed
suse enterprise server 15 SP3
2.4.1-150300.3.10.1
fixed
libldb2
suse enterprise desktop 15 SP3
2.4.1-150300.3.10.1
fixed
suse enterprise sap 15 SP3
2.4.1-150300.3.10.1
fixed
suse enterprise server 15 SP3
2.4.1-150300.3.10.1
fixed
libldb2-32bit
suse enterprise desktop 15 SP3
2.4.1-150300.3.10.1
fixed
suse enterprise sap 15 SP3
2.4.1-150300.3.10.1
fixed
suse enterprise server 15 SP3
2.4.1-150300.3.10.1
fixed
libsss_certmap-devel
suse enterprise desktop 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise sap 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise server 15 SP3
1.16.1-150300.23.17.3
fixed
libsss_certmap0
suse enterprise desktop 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise sap 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise server 15 SP3
1.16.1-150300.23.17.3
fixed
libsss_idmap-devel
suse enterprise desktop 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise sap 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise server 15 SP3
1.16.1-150300.23.17.3
fixed
libsss_idmap0
suse enterprise desktop 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise sap 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise server 15 SP3
1.16.1-150300.23.17.3
fixed
libsss_nss_idmap-devel
suse enterprise desktop 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise sap 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise server 15 SP3
1.16.1-150300.23.17.3
fixed
libsss_nss_idmap0
suse enterprise desktop 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise sap 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise server 15 SP3
1.16.1-150300.23.17.3
fixed
libsss_simpleifp-devel
suse enterprise desktop 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise sap 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise server 15 SP3
1.16.1-150300.23.17.3
fixed
libsss_simpleifp0
suse enterprise desktop 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise sap 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise server 15 SP3
1.16.1-150300.23.17.3
fixed
libtalloc-devel
suse enterprise desktop 15 SP3
2.3.3-150300.3.3.2
fixed
suse enterprise sap 15 SP3
2.3.3-150300.3.3.2
fixed
suse enterprise server 15 SP3
2.3.3-150300.3.3.2
fixed
libtalloc2
suse enterprise desktop 15 SP3
2.3.3-150300.3.3.2
fixed
suse enterprise sap 15 SP3
2.3.3-150300.3.3.2
fixed
suse enterprise server 15 SP3
2.3.3-150300.3.3.2
fixed
libtalloc2-32bit
suse enterprise desktop 15 SP3
2.3.3-150300.3.3.2
fixed
suse enterprise sap 15 SP3
2.3.3-150300.3.3.2
fixed
suse enterprise server 15 SP3
2.3.3-150300.3.3.2
fixed
libtdb-devel
suse enterprise desktop 15 SP3
1.4.4-150300.3.3.2
fixed
suse enterprise sap 15 SP3
1.4.4-150300.3.3.2
fixed
suse enterprise server 15 SP3
1.4.4-150300.3.3.2
fixed
libtdb1
suse enterprise desktop 15 SP3
1.4.4-150300.3.3.2
fixed
suse enterprise sap 15 SP3
1.4.4-150300.3.3.2
fixed
suse enterprise server 15 SP3
1.4.4-150300.3.3.2
fixed
libtdb1-32bit
suse enterprise desktop 15 SP3
1.4.4-150300.3.3.2
fixed
suse enterprise sap 15 SP3
1.4.4-150300.3.3.2
fixed
suse enterprise server 15 SP3
1.4.4-150300.3.3.2
fixed
libtevent-devel
suse enterprise desktop 15 SP3
0.11.0-150300.3.3.2
fixed
suse enterprise sap 15 SP3
0.11.0-150300.3.3.2
fixed
suse enterprise server 15 SP3
0.11.0-150300.3.3.2
fixed
libtevent0
suse enterprise desktop 15 SP3
0.11.0-150300.3.3.2
fixed
suse enterprise sap 15 SP3
0.11.0-150300.3.3.2
fixed
suse enterprise server 15 SP3
0.11.0-150300.3.3.2
fixed
libtevent0-32bit
suse enterprise desktop 15 SP3
0.11.0-150300.3.3.2
fixed
suse enterprise sap 15 SP3
0.11.0-150300.3.3.2
fixed
suse enterprise server 15 SP3
0.11.0-150300.3.3.2
fixed
pam_apparmor
suse enterprise desktop 15 SP3
2.13.6-150300.3.11.2
fixed
suse enterprise sap 15 SP3
2.13.6-150300.3.11.2
fixed
suse enterprise server 15 SP3
2.13.6-150300.3.11.2
fixed
pam_apparmor-32bit
suse enterprise desktop 15 SP3
2.13.6-150300.3.11.2
fixed
suse enterprise sap 15 SP3
2.13.6-150300.3.11.2
fixed
suse enterprise server 15 SP3
2.13.6-150300.3.11.2
fixed
perl-apparmor
suse enterprise desktop 15 SP3
2.13.6-150300.3.11.2
fixed
suse enterprise sap 15 SP3
2.13.6-150300.3.11.2
fixed
suse enterprise server 15 SP3
2.13.6-150300.3.11.2
fixed
python3-apparmor
suse enterprise desktop 15 SP3
2.13.6-150300.3.11.2
fixed
suse enterprise sap 15 SP3
2.13.6-150300.3.11.2
fixed
suse enterprise server 15 SP3
2.13.6-150300.3.11.2
fixed
python3-ldb
suse enterprise desktop 15 SP3
2.4.1-150300.3.10.1
fixed
suse enterprise sap 15 SP3
2.4.1-150300.3.10.1
fixed
suse enterprise server 15 SP3
2.4.1-150300.3.10.1
fixed
python3-ldb-devel
suse enterprise desktop 15 SP3
2.4.1-150300.3.10.1
fixed
suse enterprise sap 15 SP3
2.4.1-150300.3.10.1
fixed
suse enterprise server 15 SP3
2.4.1-150300.3.10.1
fixed
python3-sssd-config
suse enterprise desktop 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise sap 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise server 15 SP3
1.16.1-150300.23.17.3
fixed
python3-talloc
suse enterprise desktop 15 SP3
2.3.3-150300.3.3.2
fixed
suse enterprise sap 15 SP3
2.3.3-150300.3.3.2
fixed
suse enterprise server 15 SP3
2.3.3-150300.3.3.2
fixed
python3-talloc-devel
suse enterprise desktop 15 SP3
2.3.3-150300.3.3.2
fixed
suse enterprise sap 15 SP3
2.3.3-150300.3.3.2
fixed
suse enterprise server 15 SP3
2.3.3-150300.3.3.2
fixed
python3-tdb
suse enterprise desktop 15 SP3
1.4.4-150300.3.3.2
fixed
suse enterprise sap 15 SP3
1.4.4-150300.3.3.2
fixed
suse enterprise server 15 SP3
1.4.4-150300.3.3.2
fixed
python3-tevent
suse enterprise desktop 15 SP3
0.11.0-150300.3.3.2
fixed
suse enterprise sap 15 SP3
0.11.0-150300.3.3.2
fixed
suse enterprise server 15 SP3
0.11.0-150300.3.3.2
fixed
sssd
suse enterprise desktop 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise sap 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise server 15 SP3
1.16.1-150300.23.17.3
fixed
sssd-ad
suse enterprise desktop 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise sap 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise server 15 SP3
1.16.1-150300.23.17.3
fixed
sssd-common
suse enterprise desktop 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise sap 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise server 15 SP3
1.16.1-150300.23.17.3
fixed
sssd-dbus
suse enterprise desktop 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise sap 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise server 15 SP3
1.16.1-150300.23.17.3
fixed
sssd-ipa
suse enterprise desktop 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise sap 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise server 15 SP3
1.16.1-150300.23.17.3
fixed
sssd-krb5
suse enterprise desktop 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise sap 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise server 15 SP3
1.16.1-150300.23.17.3
fixed
sssd-krb5-common
suse enterprise desktop 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise sap 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise server 15 SP3
1.16.1-150300.23.17.3
fixed
sssd-ldap
suse enterprise desktop 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise sap 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise server 15 SP3
1.16.1-150300.23.17.3
fixed
sssd-proxy
suse enterprise desktop 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise sap 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise server 15 SP3
1.16.1-150300.23.17.3
fixed
sssd-tools
suse enterprise desktop 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise sap 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise server 15 SP3
1.16.1-150300.23.17.3
fixed
sssd-winbind-idmap
suse enterprise desktop 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise sap 15 SP3
1.16.1-150300.23.17.3
fixed
suse enterprise server 15 SP3
1.16.1-150300.23.17.3
fixed
talloc-man
suse enterprise desktop 15 SP3
2.3.3-150300.3.3.1
fixed
suse enterprise sap 15 SP3
2.3.3-150300.3.3.1
fixed
suse enterprise server 15 SP3
2.3.3-150300.3.3.1
fixed
tdb-tools
suse enterprise desktop 15 SP3
1.4.4-150300.3.3.2
fixed
suse enterprise sap 15 SP3
1.4.4-150300.3.3.2
fixed
suse enterprise server 15 SP3
1.4.4-150300.3.3.2
fixed
tevent-man
suse enterprise desktop 15 SP3
0.11.0-150300.3.3.1
fixed
suse enterprise sap 15 SP3
0.11.0-150300.3.3.1
fixed
suse enterprise server 15 SP3
0.11.0-150300.3.3.1
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
ctdb
RHEL 8
0:4.15.5-5.el8
fixed
libsmbclient
RHEL 8
0:4.15.5-5.el8
fixed
libsmbclient-devel
RHEL 8
0:4.15.5-5.el8
fixed
libwbclient
RHEL 8
0:4.15.5-5.el8
fixed
libwbclient-devel
RHEL 8
0:4.15.5-5.el8
fixed
python3-samba
RHEL 8
0:4.15.5-5.el8
fixed
python3-samba-test
RHEL 8
0:4.15.5-5.el8
fixed
samba
RHEL 8
0:4.15.5-5.el8
fixed
samba-client
RHEL 8
0:4.15.5-5.el8
fixed
samba-client-libs
RHEL 8
0:4.15.5-5.el8
fixed
samba-common
RHEL 8
0:4.15.5-5.el8
fixed
samba-common-libs
RHEL 8
0:4.15.5-5.el8
fixed
samba-common-tools
RHEL 8
0:4.15.5-5.el8
fixed
samba-devel
RHEL 8
0:4.15.5-5.el8
fixed
samba-krb5-printing
RHEL 8
0:4.15.5-5.el8
fixed
samba-libs
RHEL 8
0:4.15.5-5.el8
fixed
samba-pidl
RHEL 8
0:4.15.5-5.el8
fixed
samba-test
RHEL 8
0:4.15.5-5.el8
fixed
samba-test-libs
RHEL 8
0:4.15.5-5.el8
fixed
samba-vfs-iouring
RHEL 8
0:4.15.5-5.el8
fixed
samba-winbind
RHEL 8
0:4.15.5-5.el8
fixed
samba-winbind-clients
RHEL 8
0:4.15.5-5.el8
fixed
samba-winbind-krb5-locator
RHEL 8
0:4.15.5-5.el8
fixed
samba-winbind-modules
RHEL 8
0:4.15.5-5.el8
fixed
samba-winexe
RHEL 8
0:4.15.5-5.el8
fixed
Common Weakness Enumeration
References
https://security.gentoo.org/glsa/202309-06
https://www.samba.org/samba/security/CVE-2021-44141.html
https://security.gentoo.org/glsa/202309-06
https://www.samba.org/samba/security/CVE-2021-44141.html