Samba is vulnerable to a buffer overflow. The vulnerability exists within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal: the GSSAPI library allows a length-limited write buffer overflow on malloc()-allocated memory when presented with a maliciously small packet, causing an application crash.
www.openwall.com/lists/oss-security/2023/02/08/1
access.redhat.com/security/cve/CVE-2022-3437
bugzilla.redhat.com/show_bug.cgi?id=2137774
bugzilla.redhat.com/show_bug.cgi?id=CVE-2022-3437
secdb.alpinelinux.org/edge/main.yaml
security.gentoo.org/glsa/202309-06
security.gentoo.org/glsa/202310-06
security.netapp.com/advisory/ntap-20230216-0008/
www.rapid7.com/db/vulnerabilities/samba-cve-2022-3437
www.samba.org/samba/security/CVE-2022-3437.html