PT-2023-6232 · Samba+9

Sri Nagasubramanian · Published 2023-08-02 · Updated 2025-09-19 · CVE-2023-4091

CVSS v2.0: 7.1 (High)
Vector: AV:N/AC:M/Au:N/C:N/I:C/A:N
Name of the Vulnerable Software and Affected Versions: Samba (affected versions not specified)
Description: A vulnerability was discovered in Samba that allows SMB clients to truncate files even when they hold only read-only permissions, provided the Samba VFS module "acl_xattr" is configured with "acl_xattr:ignore system acls = yes". The SMB protocol allows a client to open a file while requesting only read access, yet the open implicitly truncates the file to 0 bytes if the client also specifies an OVERWRITE create disposition. The issue arises in configurations that bypass the kernel file system permission checks and rely solely on Samba's own permission checks. This could allow a remote attacker to read, modify, or delete files.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
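As an added defender-side example (not part of this advisory record and not Samba project code), the following Python check scans an smb.conf for shares whose effective settings match the configuration described above: the acl_xattr module loaded through "vfs objects" together with "acl_xattr:ignore system acls = yes". The embedded configuration, its share names and paths, and the parameter-name normalization are constructed assumptions for the example.

```python
# Constructed smb.conf: [finance] inherits the exposed [global] settings,
# [docs] overrides the flag, [scratch] does not load acl_xattr at all.
SAMPLE_SMB_CONF = """\
[global]
   vfs objects = acl_xattr
   acl_xattr:ignore system acls = yes
[finance]
   path = /srv/finance
[docs]
   path = /srv/docs
   acl_xattr:ignore system acls = no
[scratch]
   path = /srv/scratch
   vfs objects = streams_xattr
"""

def _norm(name):
    # Samba ignores case and whitespace in parameter names; dropping
    # underscores as well (an assumption) treats "acl xattr" like "acl_xattr".
    return "".join(name.split()).replace("_", "").lower()

def parse_smb_conf(text):
    """Return {section_name: {normalized_key: value}} for smb.conf text."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":        # Samba comments are whole lines
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1].strip().lower()
            sections[current] = {}
        elif "=" in line and current is not None:
            key, value = line.split("=", 1)
            sections[current][_norm(key)] = value.strip()
    return sections

def exposed_shares(text):
    """Shares whose effective settings rely solely on Samba's own ACL checks."""
    conf = parse_smb_conf(text)
    glob = conf.get("global", {})
    hits = []
    for name, share in conf.items():
        if name == "global":
            continue
        eff = {**glob, **share}              # share-level values override [global]
        modules = eff.get("vfsobjects", "").lower().split()
        ignore = eff.get("aclxattr:ignoresystemacls", "no").lower()
        if "acl_xattr" in modules and ignore in ("yes", "true", "1"):
            hits.append(name)
    return hits
```

Run it against a real smb.conf by passing the file's contents to exposed_shares(); any share it names depends on Samba's permission checks alone, so the kernel offers no backstop against the truncation described above.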

Weakness Enumeration

Incorrect Default Permissions

Improper Access Control

Related Identifiers

ALSA-2023:6744
ALSA-2023:7467
ALT-PU-2023-6448
ALT-PU-2023-7794
ALT-PU-2024-12484
ALT-PU-2024-14683
AZL-31900
AZL-37025
BDU:2023-06941
CESA-2023_7467
CVE-2023-4091
DLA-3792-1
DSA-5525-1
DSA-5647-1
MGASA-2023-0340
OESA-2023-1753
OESA-2023-1754
OESA-2023-1755
OESA-2023-1756
OESA-2023-1757
OPENSUSE-SU-2023_4046-1
OPENSUSE-SU-2023_4059-1
OPENSUSE-SU-2024:13332-1
RHSA-2023:6209
RHSA-2023:6744
RHSA-2023:7371
RHSA-2023:7408
RHSA-2023:7464
RHSA-2023:7467
RHSA-2023_6744
RHSA-2023_7467
SUSE-SU-2023:4040-1
SUSE-SU-2023:4046-1
SUSE-SU-2023:4059-1
SUSE-SU-2023:4096-1
SUSE-SU-2023_4040-1
SUSE-SU-2023_4059-1
SUSE-SU-2023_4096-1
USN-6425-1
USN-6425-2
USN-6425-3

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Red Hat
Red Os
Samba
Suse
Ubuntu