CVE-2019-10197

Name of the Vulnerable Software and Affected Versions Samba versions 4.9.x up to 4.9.13 Samba versions 4.10.x up to 4.10.8 Samba versions 4.11.x up to 4.11.0rc3

Description A flaw was found in the Samba package related to insufficient path name checking in the smb.conf configuration file. This issue allows an unauthenticated attacker to escape the shared directory and access the contents of directories outside the share. The problem occurs when certain parameters are set in the Samba configuration file, specifically when wide links = yes is used in combination with unix extensions = no or allow insecure wide links = yes. Access to files outside the current shared directory is limited by the user's access rights.

Recommendations For Samba versions 4.9.x up to 4.9.13, update to version 4.9.13 or later to resolve the issue. For Samba versions 4.10.x up to 4.10.8, update to version 4.10.8 or later to resolve the issue. For Samba versions 4.11.x up to 4.11.0rc3, update to a version later than 4.11.0rc3 to resolve the issue. As a temporary workaround, consider disabling the wide links = yes option in the Samba configuration file until a patch is available. Restrict access to the Samba shared directory to minimize the risk of exploitation. Avoid using the unix extensions = no or allow insecure wide links = yes options in combination with wide links = yes until the issue is resolved.