Headline
RHSA-2022:8318: Red Hat Security Advisory: libldb security, bug fix, and enhancement update
An update for libldb is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-32746: samba: AD users can induce a use-after-free in the server process with an LDAP add or modify request
Issued:
2022-11-15
Updated:
2022-11-15
RHSA-2022:8318 - Security Advisory
Synopsis
Moderate: libldb security, bug fix, and enhancement update
Type/Severity
Security Advisory: Moderate
Topic
An update for libldb is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases.
The following packages have been upgraded to a later upstream version: libldb (2.5.2). (BZ#2077490)
Security Fix(es):
- samba: AD users can induce a use-after-free in the server process with an LDAP add or modify request (CVE-2022-32746)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section.
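To confirm that hosts carry the fixed build named in this advisory, a package inventory can be compared against 2.5.2-1.el9. The following is an added example, not part of the Red Hat advisory: the inventory format, the host names and the sample versions are constructed, and the comparison is a simplified form of RPM's version ordering that does not handle `~` or `^`.

```python
import re

FIXED_EVR = "2.5.2-1.el9"   # fixed build listed in RHSA-2022:8318
LDB_PACKAGES = {"libldb", "ldb-tools", "python3-ldb", "libldb-devel"}
_SEG = re.compile(r"\d+|[A-Za-z]+")

def rpmvercmp(a, b):
    """Simplified RPM segment comparison; '~' and '^' are not handled."""
    sa, sb = _SEG.findall(a), _SEG.findall(b)
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1      # numeric beats alphabetic
        kx, ky = (int(x), int(y)) if x.isdigit() else (x, y)
        if kx != ky:
            return -1 if kx < ky else 1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))  # leftover segments win

def split_evr(evr):
    """Split '[epoch:]version-release' into its three parts."""
    epoch, _, rest = evr.rpartition(":")
    version, _, release = rest.partition("-")
    return int(epoch or 0), version, release

def evr_cmp(a, b):
    ea, va, ra = split_evr(a)
    eb, vb, rb = split_evr(b)
    if ea != eb:
        return -1 if ea < eb else 1
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)

def unpatched(inventory):
    """Return (host, package, evr) for libldb packages older than FIXED_EVR."""
    hits = []
    for line in inventory.strip().splitlines():
        host, name, evr = line.split()
        if name in LDB_PACKAGES and evr_cmp(evr, FIXED_EVR) < 0:
            hits.append((host, name, evr))
    return hits

# Constructed inventory: "host package version-release", e.g. collected with
# rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n' and prefixed with the host name.
SAMPLE = """
web01 libldb 2.4.1-1.el9
web01 python3-ldb 2.4.1-1.el9
dc02 libldb 2.5.2-1.el9
dc03 libldb 2.5.2-1.el9_1
dc03 openssl 3.0.1-43.el9
"""

if __name__ == "__main__":
    for host, name, evr in unpatched(SAMPLE):
        print(f"{host}: {name}-{evr} is older than {FIXED_EVR}")
```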
Affected Products
- Red Hat Enterprise Linux for x86_64 9 x86_64
- Red Hat Enterprise Linux for IBM z Systems 9 s390x
- Red Hat Enterprise Linux for Power, little endian 9 ppc64le
- Red Hat Enterprise Linux for ARM 64 9 aarch64
- Red Hat CodeReady Linux Builder for x86_64 9 x86_64
- Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le
- Red Hat CodeReady Linux Builder for ARM 64 9 aarch64
- Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x
Fixes
- BZ - 2077490 - Rebase libldb to the version required by Samba
- BZ - 2108215 - CVE-2022-32746 samba: AD users can induce a use-after-free in the server process with an LDAP add or modify request
References
- https://access.redhat.com/security/updates/classification/#moderate
- https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index
Red Hat Enterprise Linux for x86_64 9
SRPM
libldb-2.5.2-1.el9.src.rpm
x86_64
ldb-tools-2.5.2-1.el9.x86_64.rpm
ldb-tools-debuginfo-2.5.2-1.el9.i686.rpm
ldb-tools-debuginfo-2.5.2-1.el9.x86_64.rpm
libldb-2.5.2-1.el9.i686.rpm
libldb-2.5.2-1.el9.x86_64.rpm
libldb-debuginfo-2.5.2-1.el9.i686.rpm
libldb-debuginfo-2.5.2-1.el9.x86_64.rpm
libldb-debugsource-2.5.2-1.el9.i686.rpm
libldb-debugsource-2.5.2-1.el9.x86_64.rpm
python3-ldb-2.5.2-1.el9.i686.rpm
python3-ldb-2.5.2-1.el9.x86_64.rpm
python3-ldb-debuginfo-2.5.2-1.el9.i686.rpm
python3-ldb-debuginfo-2.5.2-1.el9.x86_64.rpm
Red Hat Enterprise Linux for IBM z Systems 9
SRPM
libldb-2.5.2-1.el9.src.rpm
s390x
ldb-tools-2.5.2-1.el9.s390x.rpm
ldb-tools-debuginfo-2.5.2-1.el9.s390x.rpm
libldb-2.5.2-1.el9.s390x.rpm
libldb-debuginfo-2.5.2-1.el9.s390x.rpm
libldb-debugsource-2.5.2-1.el9.s390x.rpm
python3-ldb-2.5.2-1.el9.s390x.rpm
python3-ldb-debuginfo-2.5.2-1.el9.s390x.rpm
Red Hat Enterprise Linux for Power, little endian 9
SRPM
libldb-2.5.2-1.el9.src.rpm
ppc64le
ldb-tools-2.5.2-1.el9.ppc64le.rpm
ldb-tools-debuginfo-2.5.2-1.el9.ppc64le.rpm
libldb-2.5.2-1.el9.ppc64le.rpm
libldb-debuginfo-2.5.2-1.el9.ppc64le.rpm
libldb-debugsource-2.5.2-1.el9.ppc64le.rpm
python3-ldb-2.5.2-1.el9.ppc64le.rpm
python3-ldb-debuginfo-2.5.2-1.el9.ppc64le.rpm
Red Hat Enterprise Linux for ARM 64 9
SRPM
libldb-2.5.2-1.el9.src.rpm
aarch64
ldb-tools-2.5.2-1.el9.aarch64.rpm
ldb-tools-debuginfo-2.5.2-1.el9.aarch64.rpm
libldb-2.5.2-1.el9.aarch64.rpm
libldb-debuginfo-2.5.2-1.el9.aarch64.rpm
libldb-debugsource-2.5.2-1.el9.aarch64.rpm
python3-ldb-2.5.2-1.el9.aarch64.rpm
python3-ldb-debuginfo-2.5.2-1.el9.aarch64.rpm
Red Hat CodeReady Linux Builder for x86_64 9
SRPM
x86_64
ldb-tools-debuginfo-2.5.2-1.el9.i686.rpm
ldb-tools-debuginfo-2.5.2-1.el9.x86_64.rpm
libldb-debuginfo-2.5.2-1.el9.i686.rpm
libldb-debuginfo-2.5.2-1.el9.x86_64.rpm
libldb-debugsource-2.5.2-1.el9.i686.rpm
libldb-debugsource-2.5.2-1.el9.x86_64.rpm
libldb-devel-2.5.2-1.el9.i686.rpm
libldb-devel-2.5.2-1.el9.x86_64.rpm
python3-ldb-debuginfo-2.5.2-1.el9.i686.rpm
python3-ldb-debuginfo-2.5.2-1.el9.x86_64.rpm
Red Hat CodeReady Linux Builder for Power, little endian 9
SRPM
ppc64le
ldb-tools-debuginfo-2.5.2-1.el9.ppc64le.rpm
libldb-debuginfo-2.5.2-1.el9.ppc64le.rpm
libldb-debugsource-2.5.2-1.el9.ppc64le.rpm
libldb-devel-2.5.2-1.el9.ppc64le.rpm
python3-ldb-debuginfo-2.5.2-1.el9.ppc64le.rpm
Red Hat CodeReady Linux Builder for ARM 64 9
SRPM
aarch64
ldb-tools-debuginfo-2.5.2-1.el9.aarch64.rpm
libldb-debuginfo-2.5.2-1.el9.aarch64.rpm
libldb-debugsource-2.5.2-1.el9.aarch64.rpm
libldb-devel-2.5.2-1.el9.aarch64.rpm
python3-ldb-debuginfo-2.5.2-1.el9.aarch64.rpm
Red Hat CodeReady Linux Builder for IBM z Systems 9
SRPM
s390x
ldb-tools-debuginfo-2.5.2-1.el9.s390x.rpm
libldb-debuginfo-2.5.2-1.el9.s390x.rpm
libldb-debugsource-2.5.2-1.el9.s390x.rpm
libldb-devel-2.5.2-1.el9.s390x.rpm
python3-ldb-debuginfo-2.5.2-1.el9.s390x.rpm
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
Related news
Gentoo Linux Security Advisory 202309-6 - Multiple vulnerabilities have been discovered in Samba, the worst of which could result in root remote code execution. Versions greater than or equal to 4.18.4 are affected.
An update for libldb is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: CVE-2022-32746: samba: AD users can induce a use-after-free in the server process with an LDAP add or modify request
A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes, such as userAccountControl.
Ubuntu Security Notice 5542-1 - It was discovered that Samba did not handle MaxQueryDuration when being used in AD DC configurations, contrary to expectations. This issue only affected Ubuntu 20.04 LTS. Luke Howard discovered that Samba incorrectly handled certain restrictions associated with changing passwords. A remote attacker being requested to change passwords could possibly use this issue to escalate privileges.