{"id":"AZL-37025","summary":"CVE-2023-4091 affecting package samba 4.18.3-2","details":"A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module \"acl_xattr\" is configured with \"acl_xattr:ignore system acls = yes\". The SMB protocol allows opening files when the client requests read-only access but then implicitly truncates the opened file to 0 bytes if the client specifies a separate OVERWRITE create disposition request. The issue arises in configurations that bypass kernel file system permissions checks, relying solely on Samba's permissions.","modified":"2026-04-01T05:12:23.550455Z","published":"2023-11-03T08:15:08Z","upstream":["CVE-2023-4091"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4091"}],"affected":[{"package":{"name":"samba","ecosystem":"Azure Linux:3","purl":"pkg:rpm/azure-linux/samba"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"last_affected":"4.18.3-2"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-37025.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}]}