CVE-2022-2127

Source
https://nvd.nist.gov/vuln/detail/CVE-2022-2127
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-2127.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-2127
Related
Published
2023-07-20T15:15:11Z
Modified
2024-10-12T08:57:18.364832Z
Severity
  • 5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbinddpamauth_crap.c. When performing NTLM authentication, the client replies to cryptographic challenges back to the server. These replies have variable lengths, and Winbind fails to check the lan manager response length. When Winbind is used for NTLM authentication, a maliciously crafted request can trigger an out-of-bounds read in Winbind, possibly resulting in a crash.

References

Affected packages

Debian:11 / samba

Package

Name
samba
Purl
pkg:deb/debian/samba?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:4.13.13+dfsg-1~deb11u6

Affected versions

2:4.*

2:4.13.5+dfsg-2
2:4.13.13+dfsg-1~deb11u1
2:4.13.13+dfsg-1~deb11u2
2:4.13.13+dfsg-1~deb11u3
2:4.13.13+dfsg-1~deb11u4
2:4.13.13+dfsg-1~deb11u5

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / samba

Package

Name
samba
Purl
pkg:deb/debian/samba?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:4.17.10+dfsg-0+deb12u1

Affected versions

2:4.*

2:4.17.8+dfsg-2
2:4.17.9+dfsg-0+deb12u1
2:4.17.9+dfsg-0+deb12u2
2:4.17.9+dfsg-0+deb12u3~bpo11+1
2:4.17.9+dfsg-0+deb12u3
2:4.17.10+dfsg-0+deb12u1~bpo11+1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / samba

Package

Name
samba
Purl
pkg:deb/debian/samba?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:4.18.5+dfsg-1

Affected versions

2:4.*

2:4.17.8+dfsg-2
2:4.18.0~rc1+dfsg-1exp
2:4.18.0~rc2+dfsg-1
2:4.18.0~rc3+dfsg-1
2:4.18.0~rc4+dfsg-1
2:4.18.0+dfsg-1~exp1
2:4.18.1+dfsg-1~exp1
2:4.18.2+dfsg-1
2:4.18.3+dfsg-1
2:4.18.3+dfsg-2
2:4.18.3+dfsg-3
2:4.18.4+dfsg-1
2:4.18.4+dfsg-2~bpo12+1
2:4.18.4+dfsg-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/samba-team/samba

Affected ranges

Type
GIT
Repo
https://github.com/samba-team/samba
Events

Affected versions

ldb-2.*

ldb-2.5.1
ldb-2.5.2
ldb-2.5.3

samba-4.*

samba-4.16.0
samba-4.16.1
samba-4.16.2
samba-4.16.3
samba-4.16.4
samba-4.16.5
samba-4.16.6
samba-4.16.7
samba-4.16.8
samba-4.16.9