← volver
CVE-2022-2127

Samba: out-of-bounds read in winbind auth_crap

CVSS 5.9 MEDIUMEPSS 1.5%CWE-125
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 5.9EPSS 1.5%KEV nãoPoC Nuclei Metasploit Patch referenciado
Ciclo de vida
20 jul 2023Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbindd_pam_auth_crap.c. When performing NTLM authentication, the client replies to cryptographic challenges back to the server. These replies have variable lengths, and Winbind fails to check the lan manager response length. When Winbind is used for NTLM authentication, a maliciously crafted request can trigger an out-of-bounds read in Winbind, possibly resulting in a crash.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Productos afectados
Red Hat · Red Hat Enterprise Linux 6Red Hat · Red Hat Enterprise Linux 7Red Hat · Red Hat Enterprise Linux 8Red Hat · Red Hat Enterprise Linux 8.6 Extended Update SupportRed Hat · Red Hat Enterprise Linux 8.8 Extended Update SupportRed Hat · Red Hat Enterprise Linux 9Red Hat · Red Hat Storage 3Red Hat · Red Hat Virtualization 4 for Red Hat Enterprise Linux 8

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://access.redhat.com/errata/RHSA-2023:6667https://access.redhat.com/errata/RHSA-2023:7139https://access.redhat.com/errata/RHSA-2024:0423https://access.redhat.com/errata/RHSA-2024:0580https://access.redhat.com/security/cve/CVE-2022-2127https://bugzilla.redhat.com/show_bug.cgi?id=2222791https://lists.debian.org/debian-lts-announce/2024/04/msg00015.htmlhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/https://security.netapp.com/advisory/ntap-20230731-0010/https://www.debian.org/security/2023/dsa-5477https://www.samba.org/samba/security/CVE-2022-2127.html