PT-2022-4136 · Samba+10 · Samba+10

Luca Moro

·

Published

2022-07-18

·

Updated

2024-11-15

·

CVE-2022-32742

CVSS v2.0

5.0

Medium

VectorAV:N/AC:L/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions Samba (affected versions not specified)
Description A flaw was found in Samba, where some SMB1 write requests were not correctly range-checked, allowing server memory contents to be written into the file or printer instead of client-supplied data. The client cannot control the area of the server memory written to the file or printer. This issue may allow a remote attacker to cause a denial of service.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Information Disclosure

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-200CWE-119

Related Identifiers

ALSA-2022:7111
ALSA-2022:8317
ALT-PU-2022-2322
ALT-PU-2022-2438
ALT-PU-2023-1616
ALT-PU-2024-14683
AZL-10736
AZL-37012
BDU:2022-04977
CESA-2022_7111
CVE-2022-32742
DLA-3792-1
DSA-5205-1
ECHO-4DAC-3195-2546
MGASA-2022-0299
OESA-2022-1798
OESA-2022-1816
OESA-2022-1817
OPENSUSE-SU-2022_2586-1
OPENSUSE-SU-2022_2621-1
OPENSUSE-SU-2022_2651-1
OPENSUSE-SU-2022_2659-1
OPENSUSE-SU-2022_4395-1
OPENSUSE-SU-2023_0160-1
OPENSUSE-SU-2024:12243-1
RHSA-2022:7056
RHSA-2022:7111
RHSA-2022:8317
RHSA-2022_7111
RHSA-2022_8317
RLSA-2022:7111
RLSA-2022:8317
SUSE-SU-2022:2580-1
SUSE-SU-2022:2582-1
SUSE-SU-2022:2585-1
SUSE-SU-2022:2586-1
SUSE-SU-2022:2586-2
SUSE-SU-2022:2598-1
SUSE-SU-2022:2621-1
SUSE-SU-2022:2651-1
SUSE-SU-2022:2659-1
SUSE-SU-2022:4395-1
SUSE-SU-2022_2585-1
SUSE-SU-2022_2598-1
SUSE-SU-2022_2621-1
SUSE-SU-2022_2651-1
SUSE-SU-2023:0081-1
SUSE-SU-2023:0122-1
SUSE-SU-2023:0160-1
USN-5542-1
ZDI-23-713

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Red Hat
Red Os
Rocky Linux
Samba
Suse
Ubuntu