Lucene search
RedhatCVE-2022-32746HistoryAug 25, 2022 - 6:15 p.m.
CVE-2022-32746
2022-08-2518:15:10
CWE-416
redhat
web.nvd.nist.gov
384
3
samba
ad
ldap
server
use-after-free
cve-2022-32746
security
nvd
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
AI Score
6.8
Confidence
High
EPSS
0.001
Percentile
31.6%
A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes, such as userAccountControl.
Affected configurations
Node
sambasambaRange4.3.0–4.14.14
ORsambasambaRange4.15.0–4.15.9
ORsambasambaRange4.16.0–4.16.4
CNA Affected
[
{
"vendor": "n/a",
"product": "samba",
"versions": [
{
"version": "Versions prior to samba 4.16.4, samba 4.15.9, samba 4.14.14",
"status": "affected"
}
]
}
]Social References
More
Related
nessus
nessus
Amazon Linux 2023 : ldb-tools, libldb, libldb-devel (ALAS2023-2023-085)
2023-03-21 00:00:00
Oracle Linux 9 : libldb (ELSA-2022-8318)
2022-11-22 00:00:00
EulerOS Virtualization 2.9.1 : libldb (EulerOS-SA-2023-1195)
2023-01-10 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for libldb (EulerOS-SA-2022-2734)
2022-11-14 00:00:00
Huawei EulerOS: Security Advisory for libldb (EulerOS-SA-2022-2934)
2022-12-30 00:00:00
Huawei EulerOS: Security Advisory for libldb (EulerOS-SA-2022-2769)
2022-11-14 00:00:00
nvd
nvd
CVE-2022-32746
2022-08-25 18:15:10
oraclelinux
oraclelinux
libldb security, bug fix, and enhancement update
2022-11-15 00:00:00
libldb security, bug fix, and enhancement update
2022-11-22 00:00:00
ubuntucve
ubuntucve
CVE-2022-32746
2022-07-27 00:00:00
almalinux
almalinux
Moderate: libldb security, bug fix, and enhancement update
2022-11-15 00:00:00
Moderate: libldb security, bug fix, and enhancement update
2022-11-08 00:00:00
veracode
veracode
Use-After-Free
2022-08-04 03:05:58
redhatcve
redhatcve
CVE-2022-32746
2022-07-27 15:55:02
osv
osv
Moderate: libldb security, bug fix, and enhancement update
2022-11-08 00:00:00
Moderate: libldb security, bug fix, and enhancement update
2022-11-15 00:00:00
ldb-tools-2.5.2-1.1 on GA media
2024-06-15 00:00:00
redhat
redhat
(RHSA-2022:8318) Moderate: libldb security, bug fix, and enhancement update
2022-11-15 06:21:32
(RHSA-2022:7730) Moderate: libldb security, bug fix, and enhancement update
2022-11-08 06:27:20
cbl_mariner
cbl_mariner
CVE-2022-32746 affecting package samba 4.12.5-6
2024-10-01 09:12:11
CVE-2022-32746 affecting package libldb for versions less than 2.7.2-1
2024-08-25 16:56:44
debiancve
debiancve
CVE-2022-32746
2022-08-25 18:15:10
rocky
rocky
libldb security, bug fix, and enhancement update
2022-11-08 06:27:20
libldb security, bug fix, and enhancement update
2022-11-15 06:21:32
prion
prion
Design/Logic Flaw
2022-08-25 18:15:00
alpinelinux
alpinelinux
CVE-2022-32746
2022-08-25 18:15:10
samba
samba
Samba AD users can induce a use-after-free in the
2022-07-27 00:00:00
cvelist
cvelist
CVE-2022-32746
2022-08-25 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: libldb-2.4.4-1.fc35
2022-08-14 03:01:36
[SECURITY] Fedora 36 Update: samba-4.16.4-0.fc36
2022-07-31 01:38:52
[SECURITY] Fedora 35 Update: samba-4.15.9-0.fc35
2022-08-14 03:01:36
f5
f5
K21571420 : Multiple Samba vulnerabilities
2022-08-05 00:00:00
cisa
cisa
Samba Releases Security Updates
2022-07-27 00:00:00
suse
suse
Security update for ldb, samba (important)
2022-08-03 00:00:00
Security update for ldb, samba (important)
2022-07-29 00:00:00
Security update for ldb, samba (important)
2022-09-01 00:00:00
redos
redos
ROS-20220808-01
2022-08-08 00:00:00
freebsd
freebsd
samba -- Multiple vulnerabilities
2022-07-27 00:00:00
slackware
slackware
[slackware-security] samba
2022-07-27 19:20:14
amazon
amazon
Important: samba
2022-12-01 17:33:00
altlinux
altlinux
Security fix for the ALT Linux 10 package samba version 4.15.9-alt1
2022-08-15 00:00:00
debian
debian
[SECURITY] [DSA 5205-1] samba security update
2022-08-11 19:16:47
mageia
mageia
Updated ldb/samba/sssd packages fix security vulnerability
2022-08-26 00:21:07
ubuntu
ubuntu
Samba vulnerabilities
2022-08-01 00:00:00
ibm
ibm
rosalinux
rosalinux
Advisory ROSA-SA-2024-2451
2024-07-15 09:04:20
gentoo
gentoo
Samba: Multiple Vulnerabilities
2023-09-17 00:00:00
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
AI Score
6.8
Confidence
High
EPSS
0.001
Percentile
31.6%
Related for CVE-2022-32746