CVE-2022-2127

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Samba (affected versions not specified)

Description The issue is related to an out-of-bounds read vulnerability in Samba due to insufficient length checks in the winbindd pam auth crap.c component. This vulnerability can be exploited when performing NTLM authentication, as the client replies to cryptographic challenges back to the server with variable lengths, and Winbind fails to check the lan manager response length. A maliciously crafted request can trigger an out-of-bounds read in Winbind, possibly resulting in a crash.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

ALSA-2023:6667

ALSA-2023:7139

ALT-PU-2023-4520

ALT-PU-2023-4522

ALT-PU-2023-4523

ALT-PU-2023-7794

ALT-PU-2024-12484

ALT-PU-2024-14683

AZL-44029

AZL-44625

BDU:2023-03963

CESA-2023_7139

CVE-2022-2127

DLA-3792-1

DSA-5477-1

DSA-5647-1

MGASA-2023-0247

OESA-2023-1449

OESA-2023-1450

OESA-2023-1451

OESA-2023-1452

OESA-2023-1453

OPENSUSE-SU-2023_3358-1

OPENSUSE-SU-2024:13071-1

RHSA-2023:6667

RHSA-2023:7139

RHSA-2023_6667

RHSA-2023_7139

RHSA-2024:0423

RHSA-2024:0580

SUSE-SU-2023:2887-1

SUSE-SU-2023:2888-1

SUSE-SU-2023:2929-1

SUSE-SU-2023:2930-1

SUSE-SU-2023:3017-1

SUSE-SU-2023:3060-1

SUSE-SU-2023:3066-1

SUSE-SU-2023:3358-1

SUSE-SU-2023_2887-1

SUSE-SU-2023_2888-1

SUSE-SU-2023_2929-1

SUSE-SU-2023_2930-1

SUSE-SU-2023_3017-1

SUSE-SU-2023_3060-1

SUSE-SU-2023_3358-1

USN-6238-1

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Linuxmint

Red Hat

Red Os

Samba

Suse

Ubuntu

CVE-2022-2127

Weakness Enumeration

Related Identifiers

Affected Products

References · 113