H-ISAC TLP White Vulnerability: New Samba Bug Allows Remote Attackers to Execute Arbitrary Code as Root

February 4, 2022

Health-ISAC is issuing a vulnerability bulletin regarding multiple security vulnerabilities in the Windows/Linux interoperability suite Samba that, if exploited, could allow remote attackers to execute arbitrary code with the highest privileges on affected installations.

Samba has since issued software updates to address these vulnerabilities, which concern an out-of-bounds heap read-write vulnerability that allows remote attackers to execute arbitrary code as root on affected Samba installations that use the virtual file system (VFS) module vfs_fruit. Installing the latest Samba security updates is highly recommended, and they can be accessed here.

More information on the vulnerabilities has been included further in this vulnerability bulletin for your security awareness.
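Because the exposure described above depends on vfs_fruit being loaded, a quick inventory of which shares load it helps prioritize patching. The following is an added example, not part of the bulletin or of Samba: it assumes the module is enabled through Samba's `vfs objects` parameter in smb.conf, uses a constructed sample configuration, and does not follow `include` directives.

```python
import re

# Constructed sample smb.conf for illustration; not taken from the bulletin.
SAMPLE_CONF = """\
[global]
   workgroup = EXAMPLE
   ; vfs objects = fruit

[timemachine]
   path = /srv/tm
   VFS Objects = catia fruit \\
                 streams_xattr

[scans]
   path = /srv/scans
   vfs objects = recycle
"""

def shares_loading_fruit(conf_text):
    """Return section names whose effective 'vfs objects' list includes fruit."""
    # Join backslash-continued lines before parsing.
    text = re.sub(r"\\\r?\n", " ", conf_text)
    section, sections, vfs = None, [], {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":   # blank lines and comments
            continue
        m = re.fullmatch(r"\[(.+)\]", line)
        if m:
            section = m.group(1).strip().lower()
            sections.append(section)
            continue
        if section is None or "=" not in line:
            continue
        key, value = line.split("=", 1)
        # Parameter names are case-insensitive and ignore embedded whitespace.
        if re.sub(r"\s+", "", key).lower() in ("vfsobjects", "vfsobject"):
            vfs[section] = value.replace(",", " ").split()
    # A share without its own setting inherits the [global] value;
    # a share that sets 'vfs objects' replaces the global list.
    default = vfs.get("global", [])
    return [name for name in sections
            if any(mod.split(":")[0].lower() == "fruit"
                   for mod in vfs.get(name, default))]

if __name__ == "__main__":
    print(shares_loading_fruit(SAMPLE_CONF))
```

Run it against the text of the real configuration file on each Samba host; an empty result means no section in that file loads the module.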

View the detailed bulletin below. 

For help with Cybersecurity and Risk Advisory Services exclusively for AHA members, contact:

John Riggi

National Advisor for Cybersecurity and Risk, AHA

jriggi@aha.org

(O) +1 202 626 2272