CVE-2022-3592: 
Samba vulnerability analysis and mitigation

A symlink following vulnerability (CVE-2022-3592) was discovered in Samba versions 4.17.0 and later. The vulnerability was introduced when Samba 4.17 implemented following symlinks in user space, intended to properly check symlink targets within configured shares. However, due to an improper check in a corner case, users could create symbolic links that would allow smbd to escape the configured share path (Samba Security).

The vulnerability affects all versions of Samba since 4.17.0 and has been assigned a CVSSv3.1 score of 5.4 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N). The flaw exists in the symlink following implementation where the security check fails to properly handle certain corner cases (Samba Security).

When exploited, this vulnerability allows remote users with access to the exported part of the file system under a share via SMB1 unix extensions or NFS to create symlinks to files outside the smbd configured share path. This could potentially grant unauthorized access to restricted parts of the server's file system (Debian Security).

Several mitigation options are available: 1) Disable SMB1 (disabled by default in Samba from version 4.11.0), 2) If SMB1 must be enabled, add 'unix extensions = no' to the [global] section of smb.conf, 3) For non-patched versions, only export areas of the file system by either SMB2 or NFS, not both. The vulnerability has been fixed in Samba 4.17.2, and administrators are advised to upgrade to this release (Samba Security).