5.9

CVE-2022-2127

EPSS 1.25%
Published 20.07.2023 15:15:11
Last modified 21.11.2024 07:00:22
Source secalert@redhat.com
Teams watchlist Login
Open Login

An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbindd_pam_auth_crap.c. When performing NTLM authentication, the client replies to cryptographic challenges back to the server. These replies have variable lengths, and Winbind fails to check the lan manager response length. When Winbind is used for NTLM authentication, a maliciously crafted request can trigger an out-of-bounds read in Winbind, possibly resulting in a crash.

Affected products Warnungen 0 Metrics 3 CWE 1 References 15

Data is provided by the National Vulnerability Database (NVD)

Samba ≫ Samba Version >= 4.16.0 < 4.16.10

Samba ≫ Samba Version >= 4.17.0 < 4.17.9

Samba ≫ Samba Version >= 4.18.0 < 4.18.4

Redhat ≫ Enterprise Linux Version6.0

Redhat ≫ Enterprise Linux Version7.0

Redhat ≫ Enterprise Linux Version8.0

Redhat ≫ Enterprise Linux Version9.0

Fedoraproject ≫ Fedora Version37

Fedoraproject ≫ Fedora Version38

Debian ≫ Debian Linux Version12.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.25%	0.786

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.9	2.2	3.6	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
secalert@redhat.com	5.9	2.2	3.6	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html

https://access.redhat.com/errata/RHSA-2023:6667

Third Party Advisory

https://access.redhat.com/errata/RHSA-2023:7139

Third Party Advisory

https://access.redhat.com/errata/RHSA-2024:0423

https://access.redhat.com/errata/RHSA-2024:0580

https://access.redhat.com/security/cve/CVE-2022-2127

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=2222791

Third Party Advisory

Issue Tracking

https://www.samba.org/samba/security/CVE-2022-2127.html

Vendor Advisory

Mitigation

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/

https://security.netapp.com/advisory/ntap-20230731-0010/

https://www.debian.org/security/2023/dsa-5477

https://nvd.nist.gov/vuln/detail/CVE-2022-2127

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-2127

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-2127

EUVD