Summary
Multiple buffer overflow vulnerabilities have been reported in Samba. These vulnerabilities affect the following QNAP operating systems:
- QTS, QuTS hero, QuTScloud, QVP (QVR Pro appliances), QVR
We have already fixed the vulnerabilities in the following operating system versions:
- QTS 5.0.1.2346 build 20230322 and later
- QuTS hero h5.0.1.2348 build 20230324 and later
- QuTS hero h4.5.4.2374 build 20230417 and later
QNAP is urgently fixing the vulnerabilities in QuTScloud, QVP, and QVR.
Please check this security advisory regularly for updates and promptly update your operating system to the latest recommended version as soon as it is available.