CVE-2022-32746 — Use After Free in Samba

CWE-416 — Use After Free8 documents7 sources

Severity

5.4MEDIUMNVD

OSV6.5

EPSS

0.3%

top 43.34%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Samba Debian Samba Msrc Azl3 Libldb 2.7.2-1 ON Azure Linux 3.0 +3 more

Timeline

PublishedAug 25

Latest updateAug 26

Description

A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes, such as userAccountControl.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:LExploitability: 2.8 | Impact: 2.5

Affected Packages9 packages

▶NVDsamba/samba4.3.0 — 4.14.14+2

▶debiandebian/samba< samba 2:4.16.4+dfsg-1 (bookworm)

▶Debiansamba/samba< 2:4.13.13+dfsg-1~deb11u5+3

▶Ubuntusamba/samba< 2:4.13.17~dfsg-0ubuntu1.20.04.1+1

▶CVEListV5samba/sambaVersions prior to samba 4.16.4, samba 4.15.9, samba 4.14.14

Patches

Patch: www.samba.org ↗Patch: www.samba.org ↗

🔴Vulnerability Details

GHSA

GHSA-hv8p-prvv-v646: A flaw was found in the Samba AD LDAP server↗2022-08-26

▶

OSV

CVE-2022-32746: A flaw was found in the Samba AD LDAP server↗2022-08-25

▶

OSV

samba vulnerabilities↗2022-08-01

▶

📋Vendor Advisories

Microsoft

A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module resulting in a use-after-free issue. This issu↗2022-08-09

▶

Ubuntu

Samba vulnerabilities↗2022-08-01

▶

Red Hat

samba: AD users can induce a use-after-free in the server process with an LDAP add or modify request↗2022-07-27

▶

Debian

CVE-2022-32746: samba - A flaw was found in the Samba AD LDAP server. The AD DC database audit logging m...↗2022

▶