Description
A flaw was found in the samba client, all samba versions before samba 4.11.2, 4.10.10 and 4.9.15, where a malicious server can supply a pathname to the client with separators. This could allow the client to access files and folders outside of the SMB network pathnames. An attacker could use this vulnerability to create files outside of the current working directory using the privileges of the client user.
References (9)
Core 9
Core References
Issue Tracking, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10218
Vendor Advisory
https://www.samba.org/samba/security/CVE-2019-10218.html
Vendor Advisory
https://www.synology.com/security/advisory/Synology_SA_19_35
Third Party Advisory vendor-advisory
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00015.html
Mailing List, Third Party Advisory vendor-advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UMIYCYXCPRTVCVZ3TP6ZGPJ6RZS3IX4G/
Mailing List, Third Party Advisory vendor-advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OKPYHDFI7HRELVXBE5J4MTGSI35AKFBI/
Mailing List, Third Party Advisory vendor-advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XQ3IUACPZJXSC4OM6P2V4IC4QMZQZWPD/
Mailing List mailing-list
https://lists.debian.org/debian-lts-announce/2021/05/msg00023.html
Mailing List mailing-list
https://lists.debian.org/debian-lts-announce/2023/09/msg00013.html
Scores
CVSS v3
6.5
EPSS
0.0451
EPSS Percentile
89.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Details
CWE
CWE-22
Status
published
Products (3)
fedoraproject/fedora
29
fedoraproject/fedora
31
samba/samba
< 4.9.15
Published
Nov 06, 2019
Tracked Since
Feb 18, 2026