15296 – (CVE-2022-45142) [NOT SAMBA] CVE-2022-45142 [SECURITY] Inverted logic in Heimdal 7.1 backport of CVE-2022-3437

Bug 15296 (CVE-2022-45142) - [NOT SAMBA] CVE-2022-45142 [SECURITY] Inverted logic in Heimdal 7.1 backport of CVE-2022-3437

Summary: [NOT SAMBA] CVE-2022-45142 [SECURITY] Inverted logic in Heimdal 7.1 backport ...

Status:	NEW

Alias:	CVE-2022-45142

Product:	Samba 4.1 and newer
Classification:	Unclassified
Component:	AD: LDB/DSDB/SAMDB (show other bugs)
Version:	unspecified
Hardware:	All All

Importance:	P5 normal (vote)
Target Milestone:	---
Assignee:	Samba QA Contact
QA Contact:	Samba QA Contact

URL:	https://www.openwall.com/lists/oss-se...
Keywords:

Depends on:
Blocks:

Reported:	2023-01-30 19:19 UTC by Andrew Bartlett
Modified:	2023-02-09 09:28 UTC (History)
CC List:	2 users (show)

See Also:	CVE-2022-3437

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Andrew Bartlett 2023-01-30 19:19:37 UTC

Bug 15134 CVE-2022-3437 [SECURITY] "Heimdal des/des3 overflow" was correctly backported in Samba, however the Heimdal issued patch for Heimdal 7.1 sadly inverted important memory comparisons in the arcfour-hmac-md5 / rc4-hmac integrity check handler.

This was found by Helmut Grohne and notifications are being handled by Salvatore Bonaccorso of the Debian security team.

The purpose of this bug is simply to record that a CVE recently issued to Samba but left unused is being used for this issue, and to point any concerned persons at when this is made public.