CVE-2021-44141: 
Kerberos vulnerability analysis and mitigation

All versions of Samba prior to 4.15.5 are vulnerable to an information disclosure vulnerability where a malicious client can use a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. The vulnerability was assigned CVE-2021-44141 and requires SMB1 with unix extensions to be enabled for successful exploitation (Samba Advisory).

The vulnerability allows clients with write access to the exported part of the file system via SMB1 unix extensions or NFS to create symlinks pointing to arbitrary files or directories on the server filesystem. These clients can then use SMB1 unix extension information queries to determine if the target of the symlink exists by examining error codes returned from the smbd server. The vulnerability has a CVSS 3.1 base score of 4.3 (MEDIUM) with vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N (NVD).

While the vulnerability does not allow direct access to files or directories, it enables attackers to discover the existence of files and directories outside the shared area. This information could help attackers guess system user names, determine exact operating system releases, and identify applications running on the server hosting Samba, potentially facilitating further attacks (Samba Advisory).

The primary mitigation is to upgrade to Samba version 4.15.5 or later. For users unable to upgrade, the recommended workaround is to disable SMB1 entirely. If SMB1 must be enabled, administrators can add 'unix extensions = no' to the [global] section of smb.conf. For non-patched versions, it's recommended to export areas of the file system using either SMB2 or NFS, but not both (Samba Advisory).