The Samba-Bugzilla – Attachment 17341 Details for Bug 15008
CVE-2022-32745 [SECURITY] Collecting attribute values for LDB add/modify can result in out-of-bounds access
advisory
advisory.txt (text/plain), 1.71 KB, created by Jennifer Sutton on 2022-06-13 03:07:20 UTC
>===========================================================
>== Subject: Samba AD users can crash the server process with an
>== LDAP add or modify request.
>==
>== CVE ID#: CVE-2022-32745
>==
>== Versions: Samba 4.16, 4.15.2, 4.14.10, 4.13.14 and later
>==
>== Summary: Samba AD users can cause the server to access
>== uninitialised data, usually leading to segmentation
>== faults, by making an LDAP add or modify request.
>===========================================================
>
>===========
>Description
>===========
>
>Due to incorrect values used as the limit for a loop and as the
>'count' parameter to memcpy(), the server, receiving a specially
>crafted message, fails to fully initialise an array of structures, or
>accesses an arbitrary element beyond the end of an array.
>
>Outcomes achievable by an attacker include segmentation faults and
>corresponding loss of availability.
>
>==================
>Patch Availability
>==================
>
>Patches addressing both these issues have been posted to:
>
> https://www.samba.org/samba/security/
>
>Additionally, Samba 4.14.14, 4.15.8, and 4.16.2 have been issued
>as security releases to correct the defect. Samba administrators are
>advised to upgrade to these releases or apply the patch as soon
>as possible.
>
>==================
>CVSSv3 calculation
>==================
>
>CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L (4.3)
>
>==========
>Workaround
>==========
>
>None.
>
>=======
>Credits
>=======
>
>Initial report, patches, and this advisory by Joseph Sutton of
>Catalyst and the Samba Team.
>
>==========================================================
>== Our Code, Our Bugs, Our Responsibility.
>== The Samba Team
>==========================================================
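The "Versions" and "Patch Availability" lines above, turned into a version triage check. This is an added example, not part of the advisory or of Samba. The function names and result labels are hypothetical, the sample strings are constructed, and it assumes "4.16" means 4.16.0 and that any branch the advisory does not name is reported as not listed rather than guessed at.

```python
import re

# From the advisory text: first affected release per branch ("Versions:" line)
# and the security release that corrects it ("Patch Availability").
# The advisory names no fixed release for the 4.13 branch, hence None.
ADVISORY = {
    (4, 13): {"first_affected": 14, "fixed": None},
    (4, 14): {"first_affected": 10, "fixed": 14},
    (4, 15): {"first_affected": 2, "fixed": 8},
    (4, 16): {"first_affected": 0, "fixed": 2},  # assumption: "4.16" == 4.16.0
}


def parse_version(text):
    """Extract (major, minor, patch) from a string such as 'Version 4.15.5-Ubuntu'."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"no x.y.z version found in {text!r}")
    return tuple(int(g) for g in m.groups())


def classify(text):
    """Return 'affected', 'affected-no-fix-listed', 'fixed',
    'before-affected-range' or 'branch-not-listed' (hypothetical labels)."""
    major, minor, patch = parse_version(text)
    entry = ADVISORY.get((major, minor))
    if entry is None:
        # The advisory says nothing about this branch; do not infer a status.
        return "branch-not-listed"
    if patch < entry["first_affected"]:
        return "before-affected-range"
    if entry["fixed"] is None:
        return "affected-no-fix-listed"
    return "fixed" if patch >= entry["fixed"] else "affected"


if __name__ == "__main__":
    # Constructed sample inputs in the style of `smbd --version` output.
    samples = ("Version 4.15.5-Ubuntu", "Version 4.16.2", "Version 4.13.17",
               "Version 4.14.9", "Version 4.12.15")
    for sample in samples:
        print(f"{sample:24} -> {classify(sample)}")
```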
Flags: abartlet: review-