SMB client can truncate files to 0 bytes by opening files with OVERWRITE disposition when using the acl_xattr Samba VFS module with the smb.conf setting "acl_xattr:ignore system acls = yes". If the module configuration parameter "acl_xattr:ignore system acls=no", then the Samba server is not vulnerable to this attack. https://bugzilla.samba.org/show_bug.cgi?id=15439
This CVE is now Public: https://www.samba.org/samba/security/CVE-2023-4091.html
Created samba tracking bugs for this issue: Affects: fedora-all [bug 2243231]
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2023:6209 https://access.redhat.com/errata/RHSA-2023:6209
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:6744 https://access.redhat.com/errata/RHSA-2023:6744
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2023:7371 https://access.redhat.com/errata/RHSA-2023:7371
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2023:7408 https://access.redhat.com/errata/RHSA-2023:7408
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2023:7464 https://access.redhat.com/errata/RHSA-2023:7464
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:7467 https://access.redhat.com/errata/RHSA-2023:7467