CVE-2023-4091

Updated: 2024-11-30 04:18:58.357202

Description:

A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "acl_xattr" is configured with "acl_xattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only access but then implicitly truncates the opened file to 0 bytes if the client specifies a separate OVERWRITE create disposition request. The issue arises in configurations that bypass kernel file system permissions checks, relying solely on Samba's permissions.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x MEDIUM 6.5

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

CentOS 6 ELS samba 3.6.23 6.5 MEDIUM Ignored 2023-11-15 04:08:48
CentOS 7 ELS samba 4.10.16 6.5 MEDIUM Ignored 2024-06-25 11:20:12
CentOS 8.4 ELS samba 4.13.3-5 6.5 MEDIUM Released CLSA-2024:1723483357 2024-08-12 14:36:58
CentOS 8.5 ELS samba 4.14.5-7 6.5 MEDIUM Released CLSA-2024:1723058766 2024-08-07 17:40:28
CloudLinux 6 ELS samba 3.6.23 6.5 MEDIUM Ignored 2023-11-15 04:08:48
Oracle Linux 6 ELS samba 3.6.23 6.5 MEDIUM Ignored 2023-11-15 04:08:48
Ubuntu 16.04 ELS samba 4.3.11 6.5 MEDIUM Ignored 2023-11-15 04:08:48
Ubuntu 18.04 ELS samba 4.7.6 6.5 MEDIUM Ignored 2023-11-15 04:08:48