CVE-2022-32745: Samba - Security Announcement Archive

A flaw was found in Samba. Samba AD users can cause the server to access uninitialized data with an LDAP add or modify request, usually resulting in a segmentation fault.


CVE-2022-32745.html:

===========================================================
== Subject:     Samba AD users can crash the server process with an
==              LDAP add or modify request.
==
== CVE ID#:     CVE-2022-32745
==
== Versions:    Samba 4.16, 4.15.2, 4.14.10, 4.13.14, and later
==
== Summary:     Samba AD users can cause the server to access
==              uninitialised data with an LDAP add or modify request,
==              usually resulting in a segmentation fault.
===========================================================

===========
Description
===========

Due to incorrect values used as the limit for a loop and as the ‘count’ parameter to memcpy(), the server, receiving a specially crafted message, leaves an array of structures partially uninitialised, or accesses an arbitrary element beyond the end of an array.

Outcomes achievable by an attacker include segmentation faults and corresponding loss of availability. Depending on the contents of the uninitialised memory, confidentiality may also be affected.
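The two mistakes named in the description, a wrong loop limit and a wrong memcpy() count, shown as an added illustration beside a corrected copy. This is not Samba's code or its patch: the types and function names are hypothetical and the sample data is constructed.

```c
#include <stdint.h>
#include <string.h>

/* Hypothetical types for illustration; these are not Samba's structures. */
struct value   { uint32_t id; uint32_t length; };
struct element { size_t num_values; const struct value *values; };

/* Defect 1: the loop limit is an unrelated count, not el->num_values. Too small
 * leaves the tail of dst unwritten; too large indexes past el->values and dst. */
void copy_wrong_limit(const struct element *el, size_t msg_elements, struct value *dst)
{
    for (size_t i = 0; i < msg_elements; i++)
        dst[i] = el->values[i];
}

/* Defect 2: memcpy() takes a byte count, but an element count is passed. */
void copy_wrong_count(const struct element *el, struct value *dst)
{
    memcpy(dst, el->values, el->num_values);
}

/* Corrected: bound by the element's own count and the destination capacity,
 * skip empty input, and scale the count by the structure size. */
int copy_fixed(const struct element *el, struct value *dst, size_t cap)
{
    if (el->values == NULL || el->num_values == 0) return 0;
    if (el->num_values > cap) return -1;
    memcpy(dst, el->values, el->num_values * sizeof(*dst));
    return 0;
}

/* Run a variant (0 wrong limit, 1 wrong count, 2 fixed) on constructed data and
 * count slots not fully written; the 0xA5 fill models uninitialised memory. */
size_t unwritten_after(int variant)
{
    static const struct value vals[3] = { {1, 10}, {2, 20}, {3, 30} };
    const struct element el = { 3, vals };
    struct value dst[3];
    size_t bad = 0;
    memset(dst, 0xA5, sizeof(dst));
    if (variant == 0) copy_wrong_limit(&el, 1, dst); /* message has 1 element */
    else if (variant == 1) copy_wrong_count(&el, dst);
    else copy_fixed(&el, dst, 3);
    for (size_t i = 0; i < 3; i++)
        bad += memcmp(&dst[i], &vals[i], sizeof(dst[i])) != 0;
    return bad;
}

int main(void) { return unwritten_after(2) != 0; }
```

The buggy variants are only exercised with counts that stay inside the arrays, so the run shows the partially initialised outcome; the out-of-bounds outcome is the same loop with a limit larger than the value count.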

==================
Patch Availability
==================

Patches addressing both these issues have been posted to:

https://www.samba.org/samba/security/

Additionally, Samba 4.16.4, 4.15.9, and 4.14.14 have been issued as security releases to correct the defect. Samba administrators are advised to upgrade to these releases or apply the patch as soon as possible.

==================
CVSSv3 calculation
==================

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L (5.4)

==========
Workaround
==========

None.

=======
Credits
=======

Initial report, patches, and this advisory by Joseph Sutton of Catalyst and the Samba Team.

==========================================================
== Our Code, Our Bugs, Our Responsibility.
== The Samba Team
==========================================================

Related news

Gentoo Linux Security Advisory 202309-06

Gentoo Linux Security Advisory 202309-6 - Multiple vulnerabilities have been discovered in Samba, the worst of which could result in root remote code execution. Versions greater than or equal to 4.18.4 are affected.

Ubuntu Security Notice USN-5542-1

Ubuntu Security Notice 5542-1 - It was discovered that Samba did not handle MaxQueryDuration when being used in AD DC configurations, contrary to expectations. This issue only affected Ubuntu 20.04 LTS. Luke Howard discovered that Samba incorrectly handled certain restrictions associated with changing passwords. A remote attacker being requested to change passwords could possibly use this issue to escalate privileges.
