A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker.
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Samba | Samba | 3.6.0 (including) | 4.11.15 (excluding) |
| Samba | Samba | 4.12.0 (including) | 4.12.9 (excluding) |
| Samba | Samba | 4.13.0 (including) | 4.13.1 (excluding) |
| Samba | Ubuntu | bionic | * |
| Samba | Ubuntu | devel | * |
| Samba | Ubuntu | focal | * |
| Samba | Ubuntu | groovy | * |
| Samba | Ubuntu | hirsute | * |
| Samba | Ubuntu | precise/esm | * |
| Samba | Ubuntu | trusty | * |
| Samba | Ubuntu | trusty/esm | * |
| Samba | Ubuntu | upstream | * |
| Samba | Ubuntu | xenial | * |
| Red Hat Enterprise Linux 7 | RedHat | samba-0:4.10.16-9.el7_9 | * |
| Red Hat Enterprise Linux 8 | RedHat | openchange-0:2.3-27.el8 | * |
| Red Hat Enterprise Linux 8 | RedHat | samba-0:4.13.3-3.el8 | * |
| Red Hat Enterprise Linux 8 | RedHat | openchange-0:2.3-27.el8 | * |
| Red Hat Enterprise Linux 8 | RedHat | samba-0:4.13.3-3.el8 | * |
| Red Hat Gluster Storage 3.5 for RHEL 7 | RedHat | samba-0:4.11.6-112.el7rhgs | * |
| Red Hat Gluster Storage 3.5 for RHEL 8 | RedHat | samba-0:4.13.7-101.el8rhgs | * |