CVE-2022-45141

Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96).

Database specific

{
    "cwe_ids": [
        "CWE-328"
    ],
    "unresolved_ranges": [
        {
            "source": "AFFECTED_FIELD",
            "extracted_events": [
                {
                    "last_affected": "Fixed in samba 4.15.13, samba 4.16.8, samba 4.15.13"
                }
            ]
        }
    ],
    "cna_assigner": "redhat",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/45xxx/CVE-2022-45141.json"
}

References

Affected packages

Git / github.com/samba-team/samba

Affected ranges

Type

GIT

Repo

https://github.com/samba-team/samba

Events

Introduced

Fixed

861b4f9fde0128609abcb4eafce6192fbf0a959a

Introduced

e95d85f784ae6b19f2cb42cc9039b60b146e5b69

Fixed

6cc6e233b5ceb2a579400f020b61c67ca7bbeb78

Database specific

{
    "source": "CPE_FIELD",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "4.15.13"
        },
        {
            "introduced": "4.16.0"
        },
        {
            "fixed": "4.16.8"
        }
    ],
    "cpe": "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*"
}

Affected versions

ldb-1.*

ldb-1.1.0

ldb-1.1.10

ldb-1.1.11

ldb-1.1.12

ldb-1.1.13

ldb-1.1.14

ldb-1.1.15

ldb-1.1.16

ldb-1.1.17

ldb-1.1.18

ldb-1.1.19

ldb-1.1.2

ldb-1.1.20

ldb-1.1.21

ldb-1.1.22

ldb-1.1.23

ldb-1.1.25

ldb-1.1.26

ldb-1.1.27

ldb-1.1.28

ldb-1.1.29

ldb-1.1.3

ldb-1.1.30

ldb-1.1.31

ldb-1.1.4

ldb-1.1.5

ldb-1.1.6

ldb-1.1.8

ldb-1.1.9

ldb-1.2.0

ldb-1.2.1

ldb-1.2.2

ldb-1.3.0

ldb-1.3.1

ldb-1.3.2

ldb-1.4.0

ldb-1.4.1

ldb-1.5.0

ldb-1.5.1

ldb-1.5.2

ldb-1.6.1

ldb-1.6.2

ldb-1.6.3

ldb-2.*

ldb-2.0.5

ldb-2.1.0

ldb-2.1.1

ldb-2.2.0

ldb-2.4.0

ldb-2.4.1

ldb-2.4.2

ldb-2.4.3

ldb-2.5.1

ldb-2.5.2

samba-4.*

samba-4.0.0alpha10

samba-4.0.0alpha17

samba-4.0.0alpha18

samba-4.0.0alpha19

samba-4.0.0alpha20

samba-4.0.0alpha21

samba-4.0.0alpha6

samba-4.0.0alpha7

samba-4.0.0alpha8

samba-4.0.0alpha9

samba-4.0.0beta1

samba-4.0.0beta2

samba-4.0.0beta3

samba-4.0.0beta4

samba-4.0.0beta5

samba-4.0.0beta6

samba-4.0.0beta7

samba-4.0.0beta8

samba-4.0.0rc1

samba-4.10.0rc1

samba-4.11.0rc1

samba-4.12.0rc1

samba-4.13.0rc1

samba-4.14.0rc1

samba-4.15.0

samba-4.15.0rc1

samba-4.15.0rc2

samba-4.15.0rc3

samba-4.15.0rc4

samba-4.15.0rc5

samba-4.15.0rc6

samba-4.15.0rc7

samba-4.15.1

samba-4.15.10

samba-4.15.11

samba-4.15.12

samba-4.15.2

samba-4.15.3

samba-4.15.4

samba-4.15.6

samba-4.15.7

samba-4.15.8

samba-4.16.0

samba-4.16.1

samba-4.16.2

samba-4.16.3

samba-4.16.4

samba-4.16.5

samba-4.2.0rc1

samba-4.3.0rc1

samba-4.4.0rc1

samba-4.5.0rc1

samba-4.6.0rc1

samba-4.7.0rc1

samba-4.8.0rc1

samba-4.9.0rc1

talloc-1.*

talloc-1.3.1

talloc-2.*

talloc-2.0.0

talloc-2.0.7

talloc-2.0.8

talloc-2.1.0

talloc-2.1.1

talloc-2.1.10

talloc-2.1.11

talloc-2.1.12

talloc-2.1.13

talloc-2.1.14

talloc-2.1.15

talloc-2.1.16

talloc-2.1.2

talloc-2.1.3

talloc-2.1.4

talloc-2.1.5

talloc-2.1.6

talloc-2.1.7

talloc-2.1.8

talloc-2.1.9

talloc-2.2.0

talloc-2.3.0

talloc-2.3.1

talloc-2.3.2

talloc-2.3.3

tdb-1.*

tdb-1.1.5

tdb-1.2.0

tdb-1.2.1

tdb-1.2.10

tdb-1.2.11

tdb-1.2.12

tdb-1.2.13

tdb-1.3.0

tdb-1.3.1

tdb-1.3.10

tdb-1.3.11

tdb-1.3.12

tdb-1.3.13

tdb-1.3.14

tdb-1.3.15

tdb-1.3.16

tdb-1.3.17

tdb-1.3.18

tdb-1.3.2

tdb-1.3.3

tdb-1.3.4

tdb-1.3.5

tdb-1.3.6

tdb-1.3.7

tdb-1.3.8

tdb-1.3.9

tdb-1.4.0

tdb-1.4.1

tdb-1.4.2

tdb-1.4.3

tdb-1.4.4

tevent-0.*

tevent-0.10.0

tevent-0.10.1

tevent-0.10.2

tevent-0.11.0

tevent-0.9.11

tevent-0.9.12

tevent-0.9.13

tevent-0.9.14

tevent-0.9.15

tevent-0.9.16

tevent-0.9.17

tevent-0.9.18

tevent-0.9.19

tevent-0.9.20

tevent-0.9.21

tevent-0.9.22

tevent-0.9.23

tevent-0.9.24

tevent-0.9.25

tevent-0.9.26

tevent-0.9.27

tevent-0.9.28

tevent-0.9.29

tevent-0.9.30

tevent-0.9.31

tevent-0.9.32

tevent-0.9.33

tevent-0.9.34

tevent-0.9.35

tevent-0.9.36

tevent-0.9.37

tevent-0.9.38

tevent-0.9.39

tevent-0.9.8

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-45141.json"