CVE-2022-3592UNIX Symbolic Link (Symlink) Following in Samba

CWE-61UNIX Symbolic Link (Symlink) FollowingCWE-59Link Following6 documents5 sources
Severity
6.5MEDIUMNVD
EPSS
0.6%
top 29.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
SambaFedoraproject FedoraDebian Samba
Timeline
PublishedJan 12
Latest updateFeb 26

Description

A symlink following vulnerability was found in Samba, where a user can create a symbolic link that will make 'smbd' escape the configured share path. This flaw allows a remote user with access to the exported part of the file system under a share via SMB1 unix extensions or NFS to create symlinks to files outside the 'smbd' configured share path and gain access to another restricted server's filesystem.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages4 packages

NVDsamba/samba4.17.04.17.2
Alpinesamba/samba< 4.15.12-r0+8
CVEListV5samba/sambaAffects samba since 4.17.0, Fixed samba 4.17.2.
debiandebian/samba

Also affects: Fedora 36, 37

🔴Vulnerability Details

2
OSV
CVE-2022-3592: A symlink following vulnerability was found in Samba, where a user can create a symbolic link that will make 'smbd' escape the configured share path2023-01-12
GHSA
GHSA-cghw-hvr5-w2m2: A symlink following vulnerability was found in Samba, where a user can create a symbolic link that will make 'smbd' escape the configured share path2023-01-12

📋Vendor Advisories

3
Red Hat
kernel: bpf: Fix a btf decl_tag bug when tagging a function2025-02-26
Red Hat
samba: wide links protection broken2022-10-25
Debian
CVE-2022-3592: samba - A symlink following vulnerability was found in Samba, where a user can create a ...2022
CVE-2022-3592 — UNIX Symbolic Link (Symlink) Following | cvebase