mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-06-14 05:49:57 +00:00
Archana Polampalli
ad3dc46c87
A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "acl_xattr" is configured with "acl_xattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only access but then implicitly truncates the opened file to 0 bytes if the client specifies a separate OVERWRITE create disposition request. The issue arises in configurations that bypass kernel file system permissions checks, relying solely on Samba's permissions. References: https://nvd.nist.gov/vuln/detail/CVE-2023-4091 Fix is patched to the function call smbd_check_access_rights_fsp() of open_file(), But in samba_4.14.14 smbd_check_access_rights() is used, from samba_4.15.0 onwards smbd_check_access_rights() was replaced with smbd_check_access_rights_fsp() and samba_4.14.14 is still vulnerable through smbd_check_access_rights(). Ref: https://github.com/samba-team/samba/commit/3f61369d153419158c0f223e6f81c0bb07275833 https://github.com/samba-team/samba/commit/26dc10bdb2cff3eece4a2874931b4058f9f87d68 Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Collection of layers for the OE-core universe Main layer maintainer: Armin Kuster <akuster808@gmail.com> This repository is a collection of layers to suppliment OE-Core with additional packages, Each layer have designated maintainer Please see the respective READMEs in the layer subdirectories