CVE-2021-44142 was published by the Samba team after coordinated disclosure, with fixed releases available on the day of the announcement, and was rated CVSS 9.9 in the Samba advisory. All versions of Samba prior to 4.13.17, 4.14.12 and 4.15.5 (the security releases that carry the fix) are affected. Samba is the open-source SMB/CIFS file-sharing suite for Unix-like systems that provides interoperability with Microsoft and Apple SMB implementations. The flaw is an out-of-bounds heap read/write in the vfs_fruit module, which provides compatibility with Apple SMB clients, and it allows remote code execution as the smbd process on servers that load the module with its default settings. The vulnerable code path is reached while parsing extended-attribute (EA) metadata when a file is opened, so the attacker needs write access to a file's extended attributes on an affected share; that can be a guest or unauthenticated user if the share grants such users write access. The module is vulnerable whenever fruit:metadata = netatalk or fruit:resource = file is in effect, and both are the defaults, so a share is unaffected only if both options are set to a non-default value. The advisory's workaround is to remove "fruit" from every "vfs objects" line in /etc/samba/smb.conf; changing fruit:metadata or fruit:resource away from their defaults also closes the hole, but the advisory warns that this makes the already-stored Apple metadata inaccessible, so to macOS clients it appears lost. Upgrading to a fixed release is the proper remedy.
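The following is an added example, not code from the Samba project or from this page's author, showing how a practitioner can audit an smb.conf for the condition just described: a share that loads the fruit module (directly or inherited from [global]) while fruit:metadata or fruit:resource remain at their affected defaults, plus a version check against the three fixed releases. The sample configuration is constructed for the example; the function names are mine.

```python
import configparser
import re

# Constructed sample smb.conf for this example (not taken from any real host).
SAMPLE_SMB_CONF = """\
[global]
   workgroup = WORKGROUP
   vfs objects = catia fruit streams_xattr

[macshare]
   path = /srv/mac
   read only = no
   ; fruit:metadata / fruit:resource left at their defaults (netatalk / file)

[hardened]
   path = /srv/hardened
   vfs objects = catia fruit streams_xattr
   fruit:metadata = stream
   fruit:resource = stream

[plain]
   path = /srv/plain
   vfs objects = streams_xattr
"""

# Samba's built-in defaults for the two vfs_fruit options named in the advisory.
FRUIT_DEFAULTS = {"fruit:metadata": "netatalk", "fruit:resource": "file"}

# Branch -> first patch level that contains the fix for CVE-2021-44142.
FIXED_VERSIONS = {(4, 13): 17, (4, 14): 12, (4, 15): 5}


def load_smb_conf(text):
    """Parse smb.conf text. Only '=' separates keys from values, so
    'fruit:metadata = stream' keeps its colon; Samba ignores case and
    whitespace in parameter names, so names are normalised the same way."""
    cp = configparser.ConfigParser(delimiters=("=",), interpolation=None, strict=False)
    cp.optionxform = lambda name: re.sub(r"\s+", "", name).lower()
    cp.read_string(text)
    return cp


def effective(cp, share, key):
    """Share-level value wins, then [global], then the Samba default (if known)."""
    for section in (share, "global"):
        if cp.has_section(section) and cp.has_option(section, key):
            return cp.get(section, key).strip().lower()
    return FRUIT_DEFAULTS.get(key)


def affected_shares(conf_text):
    """Return {share: [affected settings]} for every share that loads the
    fruit module while fruit:metadata or fruit:resource is at its default."""
    cp = load_smb_conf(conf_text)
    findings = {}
    for share in cp.sections():
        if share == "global":
            continue
        modules = re.split(r"[\s,]+", effective(cp, share, "vfs objects") or "")
        if "fruit" not in modules:
            continue
        reasons = []
        if effective(cp, share, "fruit:metadata") == "netatalk":
            reasons.append("fruit:metadata=netatalk")
        if effective(cp, share, "fruit:resource") == "file":
            reasons.append("fruit:resource=file")
        if reasons:  # unaffected only if BOTH options were changed away from default
            findings[share] = reasons
    return findings


def version_is_patched(version):
    """True if a Samba version string (e.g. '4.15.5-Ubuntu') contains the fix."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", version)
    if not m:
        raise ValueError(f"unrecognised Samba version: {version!r}")
    major, minor, patch = (int(x) for x in m.groups())
    branch = (major, minor)
    if branch in FIXED_VERSIONS:
        return patch >= FIXED_VERSIONS[branch]
    # Branches newer than 4.15 shipped with the fix; older branches never received it.
    return branch > max(FIXED_VERSIONS)


if __name__ == "__main__":
    for share, reasons in affected_shares(SAMPLE_SMB_CONF).items():
        print(f"{share}: loads vfs_fruit with {', '.join(reasons)}")
    for v in ("4.13.16", "4.15.5"):
        print(v, "patched" if version_is_patched(v) else "AFFECTED")
```

On a real server, feed the checker the effective configuration rather than the raw file, for example the output of `testparm -s`, so that includes and registry settings are resolved. A hit on a share means the module is reachable by whoever has EA write access on that share; fixing it by upgrading, or by dropping "fruit" from "vfs objects", avoids the metadata loss that changing fruit:metadata / fruit:resource on existing shares causes.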
