Are Zyxel NAS devices affected by an out-of-bounds (OOB) vulnerability in Samba?

ariek
ariek Posts: 24  Freshman Member
CVE-ID#: CVE-2021-44142
Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution. All versions of Samba prior to 4.13.17. This vulnerability allows remote attackers to execute arbitrary code as root on affected Samba installations that use the VFS module vfs_fruit.



Samba version on Zyxel NAS520:
:~#smbstatus
Samba version 4.1.7




Accepted Solution

  • Mijzelf
    Mijzelf Posts: 1,982  Guru Member
    Answer ✓
    Are Zyxel NAS devices affected by an out-of-bounds (OOB) vulnerability in Samba?
    I don't think so:

    [email protected]:/$ ls /usr/lib/samba/vfs/
    aio_linux.so   full_audit.so  recycle.so

    No fruit.

Consumer Product Help Center