Vulnerability CVE-2022-32742: Information
Description
A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing server memory contents to be written into the file (or printer) instead of client-supplied data. The client cannot control the area of the server memory written to the file (or printer).
Severity: MEDIUM (4.3) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Published: Aug. 25, 2022
Modified: April 22, 2024
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
samba | sisyphus | 4.15.9-alt1 | 4.20.1-alt2 | ALT-PU-2022-2322-1 | 304593 | Fixed |
samba | sisyphus_e2k | 4.15.9-alt1 | 4.20.1-alt1 | ALT-PU-2022-5705-1 | - | Fixed |
samba | sisyphus_riscv64 | 4.15.9-alt1 | 4.20.1-alt2 | ALT-PU-2022-5651-1 | - | Fixed |
samba | p10 | 4.15.9-alt1 | 4.19.6-alt2 | ALT-PU-2022-2438-1 | 302667 | Fixed |
samba | p10_e2k | 4.15.9-alt1 | 4.19.6-alt2 | ALT-PU-2022-5796-1 | - | Fixed |
samba | c10f1 | 4.15.9-alt1 | 4.16.11-alt2 | ALT-PU-2022-2438-1 | 302667 | Fixed |
samba | c9f2 | 4.14.14-alt0.c9.1 | 4.14.14-alt0.c9.1 | ALT-PU-2023-1616-1 | 316738 | Fixed |
samba | p11 | 4.15.9-alt1 | 4.20.1-alt1 | ALT-PU-2022-2322-1 | 304593 | Fixed |
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
https://www.samba.org/samba/security/CVE-2022-32742.html |
|
GLSA-202309-06 | |
[debian-lts-announce] 20240422 [SECURITY] [DLA 3792-1] samba security update |