PT-2022-4077 · Samba+10

Andrew Bartlett +1 · Published 2022-07-18 · Updated 2024-11-15 · CVE-2022-32746

CVSS v2.0: 6.4 (Medium)

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Samba (affected versions not specified)

Description

The issue is related to a use-after-free problem in the Samba AD LDAP server, specifically in the AD DC database audit logging module. This module can access LDAP message values that have been freed by a preceding database module. The issue can be exploited when modifying certain privileged attributes, such as userAccountControl. Exploitation of this issue may allow a remote attacker to cause a denial of service.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Weakness Enumeration

Related Identifiers

ALSA-2022:7730
ALSA-2022:8318
ALT-PU-2022-2322
ALT-PU-2022-2438
ALT-PU-2023-1616
ALT-PU-2024-14683
AZL-10707
AZL-37015
AZL-45138
BDU:2022-04911
CESA-2022_7730
CVE-2022-32746
DSA-5205-1
MGASA-2022-0299
OESA-2022-1798
OESA-2022-1806
OESA-2022-1816
OESA-2022-1817
OPENSUSE-SU-2022_2586-1
OPENSUSE-SU-2022_2659-1
OPENSUSE-SU-2022_4395-1
OPENSUSE-SU-2023_0160-1
OPENSUSE-SU-2024:12241-1
OPENSUSE-SU-2024:12243-1
RHSA-2022:7730
RHSA-2022:8318
RHSA-2022_7730
RHSA-2022_8318
RLSA-2022:7730
RLSA-2022:8318
SUSE-SU-2022:2582-1
SUSE-SU-2022:2586-1
SUSE-SU-2022:2586-2
SUSE-SU-2022:2659-1
SUSE-SU-2022:4395-1
SUSE-SU-2023:0081-1
SUSE-SU-2023:0160-1
SUSE-SU-2023:1687-1
SUSE-SU-2023:1689-1
SUSE-SU-2023_1687-1
SUSE-SU-2023_1689-1
USN-5542-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Red Hat
Red Os
Rocky Linux
Samba
Suse
Ubuntu