Debian Security Advisory
DSA-5205-1 samba -- security update
- Date Reported: 11 Aug 2022
- Affected Packages: samba
- Security database references:
  - In the Debian bugtracking system: Bug 1016449.
  - In Mitre's CVE dictionary: CVE-2022-2031, CVE-2022-32742, CVE-2022-32744, CVE-2022-32745, CVE-2022-32746.
- More information:
Several vulnerabilities have been discovered in Samba, an SMB/CIFS file, print, and login server for Unix.
Luke Howard reported that Samba AD users can bypass certain restrictions associated with changing passwords. A user who has been requested to change their password can exploit this to obtain and use tickets to other services.
Luca Moro reported that an SMB1 client with write access to a share can cause server memory content to be leaked.
Joseph Sutton reported that Samba AD users can forge password change requests for any user, resulting in privilege escalation.
Joseph Sutton reported that Samba AD users can crash the server process with a specially crafted LDAP add or modify request.
Joseph Sutton and Andrew Bartlett reported that Samba AD users can cause a use-after-free in the server process with a specially crafted LDAP add or modify request.
For the stable distribution (bullseye), these problems have been fixed in version 2:4.13.13+dfsg-1~deb11u5. The fix for CVE-2022-32745 required an update to ldb 2:2.2.3-2~deb11u2 to correct the defect.
We recommend that you upgrade your samba packages.
For the detailed security status of samba please refer to its security tracker page at: https://security-tracker.debian.org/tracker/samba
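To check whether installed bullseye packages already carry the fixed versions named above, the following added example (not part of the advisory, and not dpkg's own code) reimplements the deb-version(7) ordering and compares installed versions against the two fixed versions; it shows the two details that trip up naive string comparison: `~` sorts before even the empty string (so `-1~deb11u5` is older than `-1`), and the epoch (`2:`) is compared first. The `${source:Package}` output format for dpkg-query and the sample input lines are assumptions constructed for the example.

```python
# Debian version ordering per deb-version(7), reimplemented here (not dpkg's own code)
# to check installed samba/ldb versions against the bullseye fixes named in DSA-5205-1.
FIXED_BULLSEYE = {"samba": "2:4.13.13+dfsg-1~deb11u5", "ldb": "2:2.2.3-2~deb11u2"}
# Constructed sample in the shape of: dpkg-query -W -f '${source:Package}\t${Version}\n'
SAMPLE = "samba\t2:4.13.13+dfsg-1~deb11u4\nldb\t2:2.2.3-2~deb11u2\n"

def _order(c):
    """Character weight in a non-digit run: '~' < end-of-string/digit (0) < letters < rest."""
    return -1 if c == "~" else 0 if c.isdigit() else ord(c) if c.isalpha() else ord(c) + 256

def _verrevcmp(a, b):
    """Compare an upstream_version or debian_revision string; <0, 0 or >0 like strcmp."""
    ia = ib = 0
    while ia < len(a) or ib < len(b):
        first_diff = 0
        while (ia < len(a) and not a[ia].isdigit()) or (ib < len(b) and not b[ib].isdigit()):
            ac, bc = (_order(a[ia]) if ia < len(a) else 0), (_order(b[ib]) if ib < len(b) else 0)
            if ac != bc: return ac - bc
            ia, ib = ia + 1, ib + 1
        # Digit run: strip leading zeros; the longer run wins, else the first differing digit.
        while ia < len(a) and a[ia] == "0": ia += 1
        while ib < len(b) and b[ib] == "0": ib += 1
        while ia < len(a) and a[ia].isdigit() and ib < len(b) and b[ib].isdigit():
            first_diff = first_diff or ord(a[ia]) - ord(b[ib])
            ia, ib = ia + 1, ib + 1
        if ia < len(a) and a[ia].isdigit(): return 1
        if ib < len(b) and b[ib].isdigit(): return -1
        if first_diff: return first_diff
    return 0

def parse_version(v):
    """Split '[epoch:]upstream[-revision]'; epoch defaults to 0, revision to ''."""
    epoch, sep, rest = v.partition(":")
    if not sep: epoch, rest = "0", v
    upstream, sep, revision = rest.rpartition("-")
    if not sep: upstream, revision = rest, ""
    return int(epoch), upstream, revision

def compare_versions(a, b):
    """Return -1, 0 or 1 as `dpkg --compare-versions` orders a against b."""
    ea, ua, ra = parse_version(a)
    eb, ub, rb = parse_version(b)
    r = (ea - eb) or _verrevcmp(ua, ub) or _verrevcmp(ra, rb)
    return (r > 0) - (r < 0)

def unpatched(dpkg_lines, fixed=FIXED_BULLSEYE):
    """Packages from '<source>\\t<version>' lines still older than their fixed version."""
    pairs = (line.partition("\t") for line in dpkg_lines.strip().splitlines())
    return {p: v for p, _, v in pairs if p in fixed and compare_versions(v, fixed[p]) < 0}
```

Running `unpatched(SAMPLE)` reports only samba, because the sample ldb line already matches its fixed version while the samba line is one security upload behind.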