Security vulnerability: Samba directory traversal CVE-2021-43566
This document (000020571) is provided subject to the disclaimer at the end of this document.
Environment
https://www.suse.com/security/cve/CVE-2021-43566.html
Situation
Resolution
For older service packs please apply the mitigations.
Status
Additional Information
A mitigation is to disable SMB1 (already default disabled in Samba 4.11 and newer), or if SMB1 is required for compatibility reasons disable the UNIX extensions by setting:
unix extensions = no
in the [global] section of /etc/samba/smb.conf and restarting Samba
after the change.
Disclaimer
This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:000020571
- Creation Date: 31-Jan-2022
- Modified Date:31-Jan-2022
For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com