Another open-source related bug has emerged, as yesterday US-CERT issued an advisory that Linux and Unix-based operating systems using the Samba networking protocol are susceptible to a vulnerability (CVE-2015-0240) that would allow remote attacks without authentication. Samba versions 3.5.0 through 4.2.0rc4 are affected by a vulnerability in the Server Message Block daemon (smbd), it explained.

Samba provides file and print services for many Window clients; it runs on nearly all Linux distributions and other Unix-based operating systems. 

“US-CERT recommends users and administrators refer to their respective Linux OS vendor(s) for an appropriate patch if affected. Patches are currently available from Debian, Red Hat, Suse, and Ubuntu. A Samba patch is available for experienced users and administrators to implement,” the advisory noted.

The vulnerability was discovered by Richard van Eeden of Microsoft Vulnerability Research. The researcher also provided the Samba Project with a patch correcting the issue. 

The Samba Project described the vulnerability in its own security advisory: “A malicious client could send packets that may set up the stack in such a way that the freeing of memory in a subsequent anonymous netlogon packet could allow execution of arbitrary code. This code would execute with root privileges.”

Root privileges, of course, means automatic access that requires no authentication. If the vulnerability was successfully exploited, a potential attacker could execute code remotely with root privileges.

“Samba is the most commonly used Windows interoperability suite of programs used by Linux and Unix systems. It uses the SMB/CIFS protocol to provide a secure, stable, and fast file and print services,” Red Hat noted in its security blog. “We believe code execution is possible but we’ve not yet seen any working reproducers that would allow this.”