What is CVE-2021-44142?

CVE-2021-44142 is a vulnerability in Samba, classified under Out-of-bounds Read. Published 2022-02-21.

Is CVE-2021-44142 known to be exploited?

17 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Out-of-bounds Read in Samba

CVE-2021-44142

The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 w…

Vulnerability class: Buffer Overflow

EPSS: 0.740 (99.4th percentile) — read the EPSS interpretation.

Affected products

Samba — versions unspecified

Weakness classification (CWE)

Public proof-of-concept exploits

References

www.samba.org/samba/security/CVE-2021-44142.html
www.zerodayinitiative.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-…
kb.cert.org/vuls/id/119678 (third-party-advisory)
bugzilla.samba.org/show_bug.cgi
GLSA-202309-06 (vendor-advisory)

Frequently asked questions

What is CVE-2021-44142?: CVE-2021-44142 is a vulnerability in Samba, classified under Out-of-bounds Read. Published 2022-02-21.
Is CVE-2021-44142 known to be exploited?: 17 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.