Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
sambaSamba SecuritySAMBA:CVE-2022-32745
HistoryJul 27, 2022 - 12:00 a.m.

Samba AD users can crash the server process with an

2022-07-2700:00:00
Samba Security
www.samba.org
41
samba
server crash
crafted message

EPSS

0.002

Percentile

60.1%

JSON

Description

Due to incorrect values used as the limit for a loop and as the
‘count’ parameter to memcpy(), the server, receiving a specially
crafted message, leaves an array of structures partially
uninitialised, or accesses an arbitrary element beyond the end of an
array.

Outcomes achievable by an attacker include segmentation faults and
corresponding loss of availability. Depending on the contents of the
uninitialised memory, confidentiality may also be affected.

Patch Availability

Patches addressing both these issues have been posted to:

https://www.samba.org/samba/security/

Additionally, Samba 4.16.4, 4.15.9, and 4.14.14 have been issued
as security releases to correct the defect. Samba administrators are
advised to upgrade to these releases or apply the patch as soon
as possible.

CVSSv3 calculation

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L (5.4)

Workaround

None.

Credits

Initial report, patches, and this advisory by Joseph Sutton of
Catalyst and the Samba Team.

== Our Code, Our Bugs, Our Responsibility.
== The Samba Team

Related

veracode 1
ubuntucve 1
openvas 29
osv 4
cvelist 1
redhatcve 1
prion 1
debiancve 1
nvd 1
alpinelinux 1
cve 1
nessus 23
fedora 4
suse 3
redos 1
cisa 1
f5 1
slackware 1
amazon 1
altlinux 1
debian 1
mageia 1
freebsd 1
ubuntu 1
gentoo 1
veracode
veracode
Denial Of Service (DoS)
2022-08-04 03:05:57
ubuntucve
ubuntucve
CVE-2022-32745
2022-07-27 00:00:00
openvas
openvas
Samba DoS Vulnerability (CVE-2022-32745)
2022-07-28 00:00:00
Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2022-2480)
2022-10-10 00:00:00
Fedora: Security Advisory for libldb (FEDORA-2022-19600c9743)
2022-08-01 00:00:00
osv
osv
CVE-2022-32745
2022-08-25 18:15:10
ctdb-4.16.4+git.297.1497eb221ed-1.1 on GA media
2024-06-15 00:00:00
samba - security update
2022-08-11 00:00:00
cvelist
cvelist
CVE-2022-32745
2022-08-25 00:00:00
redhatcve
redhatcve
CVE-2022-32745
2022-07-27 15:55:01
prion
prion
Design/Logic Flaw
2022-08-25 18:15:00
debiancve
debiancve
CVE-2022-32745
2022-08-25 18:15:10
nvd
nvd
CVE-2022-32745
2022-08-25 18:15:10
alpinelinux
alpinelinux
CVE-2022-32745
2022-08-25 18:15:10
cve
cve
CVE-2022-32745
2022-08-25 18:15:10
nessus
nessus
EulerOS 2.0 SP8 : samba (EulerOS-SA-2022-2480)
2022-10-09 00:00:00
SUSE SLED15 / SLES15 Security Update : ldb, samba (SUSE-SU-2022:2586-1)
2022-07-30 00:00:00
SUSE SLES12 Security Update : samba (SUSE-SU-2022:2582-1)
2022-08-02 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: samba-4.15.9-0.fc35
2022-08-14 03:01:36
[SECURITY] Fedora 36 Update: libldb-2.5.2-1.fc36
2022-07-31 01:38:52
[SECURITY] Fedora 35 Update: libldb-2.4.4-1.fc35
2022-08-14 03:01:36
suse
suse
Security update for ldb, samba (important)
2022-08-03 00:00:00
Security update for ldb, samba (important)
2022-07-29 00:00:00
Security update for ldb, samba (important)
2022-09-01 00:00:00
redos
redos
ROS-20220808-01
2022-08-08 00:00:00
cisa
cisa
Samba Releases Security Updates
2022-07-27 00:00:00
f5
f5
K21571420 : Multiple Samba vulnerabilities
2022-08-05 00:00:00
slackware
slackware
[slackware-security] samba
2022-07-27 19:20:14
amazon
amazon
Important: samba
2022-12-01 17:33:00
altlinux
altlinux
Security fix for the ALT Linux 10 package samba version 4.15.9-alt1
2022-08-15 00:00:00
debian
debian
[SECURITY] [DSA 5205-1] samba security update
2022-08-11 19:16:47
mageia
mageia
Updated ldb/samba/sssd packages fix security vulnerability
2022-08-26 00:21:07
freebsd
freebsd
samba -- Multiple vulnerabilities
2022-07-27 00:00:00
ubuntu
ubuntu
Samba vulnerabilities
2022-08-01 00:00:00
gentoo
gentoo
Samba: Multiple Vulnerabilities
2023-09-17 00:00:00

EPSS

0.002

Percentile

60.1%

JSON
Related for SAMBA:CVE-2022-32745
veracode1ubuntucve1openvas29osv4cvelist1redhatcve1prion1debiancve1nvd1alpinelinux1cve1nessus23fedora4suse3redos1cisa1f51slackware1amazon1altlinux1debian1mageia1freebsd1ubuntu1gentoo1