Lucene search
AlmaLinuxALSA-2022:8318HistoryNov 15, 2022 - 12:00 a.m.
Moderate: libldb security, bug fix, and enhancement update
2022-11-1500:00:00
errata.almalinux.org
14
libldb
ldap
samba
security fix
cve-2022-32746
upgrade
remote access
tdb databases
ad users
use-after-free
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
EPSS
0.001
Percentile
31.6%
The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases.
The following packages have been upgraded to a later upstream version: libldb (2.5.2). (BZ#2077490)
Security Fix(es):
- samba: AD users can induce a use-after-free in the server process with an LDAP add or modify request (CVE-2022-32746)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| almalinux | 9 | i686 | python3-ldb | < 2.5.2-1.el9 | python3-ldb-2.5.2-1.el9.i686.rpm |
| almalinux | 9 | i686 | libldb | < 2.5.2-1.el9 | libldb-2.5.2-1.el9.i686.rpm |
| almalinux | 9 | x86_64 | ldb-tools | < 2.5.2-1.el9 | ldb-tools-2.5.2-1.el9.x86_64.rpm |
| almalinux | 9 | x86_64 | libldb | < 2.5.2-1.el9 | libldb-2.5.2-1.el9.x86_64.rpm |
| almalinux | 9 | x86_64 | python3-ldb | < 2.5.2-1.el9 | python3-ldb-2.5.2-1.el9.x86_64.rpm |
| almalinux | 9 | ppc64le | python3-ldb | < 2.5.2-1.el9 | python3-ldb-2.5.2-1.el9.ppc64le.rpm |
| almalinux | 9 | ppc64le | ldb-tools | < 2.5.2-1.el9 | ldb-tools-2.5.2-1.el9.ppc64le.rpm |
| almalinux | 9 | ppc64le | libldb | < 2.5.2-1.el9 | libldb-2.5.2-1.el9.ppc64le.rpm |
| almalinux | 9 | aarch64 | ldb-tools | < 2.5.2-1.el9 | ldb-tools-2.5.2-1.el9.aarch64.rpm |
| almalinux | 9 | aarch64 | python3-ldb | < 2.5.2-1.el9 | python3-ldb-2.5.2-1.el9.aarch64.rpm |
Related
nessus
nessus
CentOS 9 : libldb-2.5.2-1.el9
2024-02-29 00:00:00
EulerOS 2.0 SP10 : libldb (EulerOS-SA-2022-2656)
2022-11-02 00:00:00
Rocky Linux 9 : libldb (RLSA-2022:8318)
2023-11-06 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for libldb (EulerOS-SA-2022-2934)
2022-12-30 00:00:00
Huawei EulerOS: Security Advisory for libldb (EulerOS-SA-2022-2769)
2022-11-14 00:00:00
Huawei EulerOS: Security Advisory for libldb (EulerOS-SA-2022-2734)
2022-11-14 00:00:00
oraclelinux
oraclelinux
libldb security, bug fix, and enhancement update
2022-11-15 00:00:00
libldb security, bug fix, and enhancement update
2022-11-22 00:00:00
ubuntucve
ubuntucve
CVE-2022-32746
2022-07-27 00:00:00
almalinux
almalinux
Moderate: libldb security, bug fix, and enhancement update
2022-11-08 00:00:00
nvd
nvd
CVE-2022-32746
2022-08-25 18:15:10
veracode
veracode
Use-After-Free
2022-08-04 03:05:58
redhatcve
redhatcve
CVE-2022-32746
2022-07-27 15:55:02
osv
osv
Moderate: libldb security, bug fix, and enhancement update
2022-11-08 00:00:00
Moderate: libldb security, bug fix, and enhancement update
2022-11-15 00:00:00
ldb-tools-2.5.2-1.1 on GA media
2024-06-15 00:00:00
redhat
redhat
(RHSA-2022:8318) Moderate: libldb security, bug fix, and enhancement update
2022-11-15 06:21:32
(RHSA-2022:7730) Moderate: libldb security, bug fix, and enhancement update
2022-11-08 06:27:20
cve
cve
CVE-2022-32746
2022-08-25 18:15:10
cbl_mariner
cbl_mariner
CVE-2022-32746 affecting package samba 4.12.5-6
2024-09-30 03:52:42
CVE-2022-32746 affecting package libldb for versions less than 2.7.2-1
2024-08-25 16:56:44
debiancve
debiancve
CVE-2022-32746
2022-08-25 18:15:10
rocky
rocky
libldb security, bug fix, and enhancement update
2022-11-08 06:27:20
libldb security, bug fix, and enhancement update
2022-11-15 06:21:32
prion
prion
Design/Logic Flaw
2022-08-25 18:15:00
samba
samba
Samba AD users can induce a use-after-free in the
2022-07-27 00:00:00
alpinelinux
alpinelinux
CVE-2022-32746
2022-08-25 18:15:10
cvelist
cvelist
CVE-2022-32746
2022-08-25 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: samba-4.15.9-0.fc35
2022-08-14 03:01:36
[SECURITY] Fedora 35 Update: libldb-2.4.4-1.fc35
2022-08-14 03:01:36
[SECURITY] Fedora 36 Update: samba-4.16.4-0.fc36
2022-07-31 01:38:52
f5
f5
K21571420 : Multiple Samba vulnerabilities
2022-08-05 00:00:00
cisa
cisa
Samba Releases Security Updates
2022-07-27 00:00:00
suse
suse
Security update for ldb, samba (important)
2022-07-29 00:00:00
Security update for ldb, samba (important)
2022-08-03 00:00:00
Security update for ldb, samba (important)
2022-09-01 00:00:00
slackware
slackware
[slackware-security] samba
2022-07-27 19:20:14
redos
redos
ROS-20220808-01
2022-08-08 00:00:00
freebsd
freebsd
samba -- Multiple vulnerabilities
2022-07-27 00:00:00
amazon
amazon
Important: samba
2022-12-01 17:33:00
altlinux
altlinux
Security fix for the ALT Linux 10 package samba version 4.15.9-alt1
2022-08-15 00:00:00
debian
debian
[SECURITY] [DSA 5205-1] samba security update
2022-08-11 19:16:47
mageia
mageia
Updated ldb/samba/sssd packages fix security vulnerability
2022-08-26 00:21:07
ubuntu
ubuntu
Samba vulnerabilities
2022-08-01 00:00:00
ibm
ibm
rosalinux
rosalinux
Advisory ROSA-SA-2024-2451
2024-07-15 09:04:20
gentoo
gentoo
Samba: Multiple Vulnerabilities
2023-09-17 00:00:00
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
EPSS
0.001
Percentile
31.6%
Related for ALSA-2022:8318