Vulnerability CVE-2022-32745: Information

Description

A flaw was found in Samba. Samba AD users can cause the server to access uninitialized data with an LDAP add or modify the request, usually resulting in a segmentation fault.

Severity: HIGH (8.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2022-32745

Published: Aug. 25, 2022

Modified: Nov. 7, 2023

Error type identifier: CWE-125, CWE-908

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
samba	sisyphus	4.15.9-alt1	4.20.1-alt2	ALT-PU-2022-2322-1	304593	Fixed
samba	sisyphus_e2k	4.15.9-alt1	4.20.1-alt1	ALT-PU-2022-5705-1	-	Fixed
samba	sisyphus_riscv64	4.15.9-alt1	4.20.1-alt2	ALT-PU-2022-5651-1	-	Fixed
samba	p10	4.15.9-alt1	4.19.6-alt2	ALT-PU-2022-2438-1	302667	Fixed
samba	p10_e2k	4.15.9-alt1	4.19.6-alt2	ALT-PU-2022-5796-1	-	Fixed
samba	c10f1	4.15.9-alt1	4.16.11-alt2	ALT-PU-2022-2438-1	302667	Fixed
samba	c9f2	4.14.14-alt0.c9.1	4.14.14-alt0.c9.1	ALT-PU-2023-1616-1	316738	Fixed
samba	p11	4.15.9-alt1	4.20.1-alt1	ALT-PU-2022-2322-1	304593	Fixed

References to Advisories, Solutions, and Tools

Hyperlink	Resource
https://www.samba.org/samba/security/CVE-2022-32745.html	Patch Vendor Advisory
GLSA-202309-06

Affected configurations:
1. Configuration 1
  cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
  Start including
  4.16.0
  End excliding
  4.16.4
  cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
  Start including
  4.13.14
  End excliding
  4.14.14
  cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
  Start including
  4.15.2
  End excliding
  4.15.9

Version: v24.5.3

Vulnerability CVE-2022-32745: Information

Description

Fixed packages

References to Advisories, Solutions, and Tools

Configuration 1