Samba Out-of-Bounds Heap R/W Remote Code Execution (RCE) Vulnerability (CVE-2021-44142)

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Samba Out-of-Bounds Heap R/W Remote Code Execution (RCE) Vulnerability (CVE-2021-44142)

L4 Transporter

Hi All,

I would like to know if PAN-OS is affected by the Samba Out-of-Bounds Heap R/W Remote Code Execution (RCE) Vulnerability (CVE-2021-44142) and if they are what actions need to be taken. 

We are running 9.1.11-h3 on PA-Firewall and 8.1.15 Panorama.

I have searched the PA threat vault and cannot find anything related there.

Many Thanks,

 

 

PrasKtmBoy
1 accepted solution

Accepted Solutions

Cyber Elite
Cyber Elite

@Pras,

First and foremost, your Panorama major version should never be behind your firewalls. I'd recommend upgrading your Panorama instance to 9.1 at least to match your firewalls. 

 

While PAN-OS uses Samba, Panorama does not. Since PAN-OS only uses Samba internally and it isn't exposed, I don't believe this would be exploitable at all in its current deployment. 

View solution in original post

3 REPLIES 3

L4 Transporter

@BPry  Do you have any idea on this? Thank you in advance.

PrasKtmBoy

Cyber Elite
Cyber Elite

@Pras,

First and foremost, your Panorama major version should never be behind your firewalls. I'd recommend upgrading your Panorama instance to 9.1 at least to match your firewalls. 

 

While PAN-OS uses Samba, Panorama does not. Since PAN-OS only uses Samba internally and it isn't exposed, I don't believe this would be exploitable at all in its current deployment. 

L4 Transporter

Thanks for the update @BPry  I appreciate it. Thank you for your suggestion too. 
Cheers,

PrasKtmBoy
  • 1 accepted solution
  • 3595 Views
  • 3 replies
  • 1 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!