Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-2127

An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbindd_pam_auth_crap.c. When performing NTLM authentication, the client replies to cryptographic challenges back to the server. These replies have variable lengths, and Winbind fails to check the lan manager response length. When Winbind is used for NTLM authentication, a maliciously crafted request can trigger an out-of-bounds read in Winbind, possibly resulting in a crash.

Published

2023-07-20T15:15:11.183

Last Modified

2024-11-21T07:00:22.237

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.9 (MEDIUM)

Weaknesses

Type: Secondary
CWE-125
Type: Primary
CWE-125

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	samba	samba	< 4.16.10	Yes
Application	samba	samba	< 4.17.9	Yes
Application	samba	samba	< 4.18.4	Yes
Operating System	redhat	enterprise_linux	6.0	Yes
Operating System	redhat	enterprise_linux	7.0	Yes
Operating System	redhat	enterprise_linux	8.0	Yes
Operating System	redhat	enterprise_linux	9.0	Yes
Operating System	fedoraproject	fedora	37	Yes
Operating System	fedoraproject	fedora	38	Yes
Operating System	debian	debian_linux	12.0	Yes

References

https://access.redhat.com/errata/RHSA-2023:6667 Third Party Advisory ([email protected])
https://access.redhat.com/errata/RHSA-2023:7139 Third Party Advisory ([email protected])
https://access.redhat.com/errata/RHSA-2024:0423 ([email protected])
https://access.redhat.com/errata/RHSA-2024:0580 ([email protected])
https://access.redhat.com/security/cve/CVE-2022-2127 Third Party Advisory ([email protected])
https://bugzilla.redhat.com/show_bug.cgi?id=2222791 Issue Tracking, Third Party Advisory ([email protected])
https://www.samba.org/samba/security/CVE-2022-2127.html Mitigation, Vendor Advisory ([email protected])
https://access.redhat.com/errata/RHSA-2023:6667 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2023:7139 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2024:0423 (af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2024:0580 (af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/security/cve/CVE-2022-2127 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=2222791 Issue Tracking, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html (af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/[email protected]/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/ (af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/[email protected]/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/ (af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20230731-0010/ (af854a3a-2127-422b-91ae-364da2661108)
https://www.debian.org/security/2023/dsa-5477 (af854a3a-2127-422b-91ae-364da2661108)
https://www.samba.org/samba/security/CVE-2022-2127.html Mitigation, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)