Ukukhishwa okulungile kwephakheji ye-Samba engu-4.14.4, 4.13.8 kanye ne-4.12.15 kulungiselelwe ukuqeda ubungozi (CVE-2021-20254), okuvame ukuholela ekuphahlazekeni kwenqubo ye-smbd, kodwa okubi kakhulu. isimo sesimo sokuba nokwenzeka kokufinyelela okungagunyaziwe kumafayela kanye nokususa amafayela ekuhlukaniseni inethiwekhi ngumsebenzisi ongenamalungelo.
Ukuba sengozini kungenxa yephutha kumsebenzi we-sids_to_unixids() obangela idatha ukuthi ifundwe endaweni engaphandle komngcele webhafa lapho kuguqulwa ama-SID (I-Windows Security Identifier) ββββkuya ku-GID (Unix Group ID). Inkinga yenzeka uma into engeyinhle yengezwa kunqolobane yokumepha ye-SID ku-GID. Abathuthukisi be-Samba abakwazanga ukuhlonza izimo ezinokwethenjelwa neziphindaphindekayo ukuze kube sengozini ukuba kwenzeke, kodwa umcwaningi ohlonze ubungozi ukholelwa ukuthi inkinga ingasetshenziswa ukuze kususwe amafayela kuseva yefayela ngaphandle kwamalungelo afanelekile okwenza lo msebenzi.
Source: opennet.ru