CVE-2022-32745

Опубликовано: 27 июл. 2022

Источник: redhat

CVSS3: 5.4

EPSS Низкий

Описание

A flaw was found in Samba. Samba AD users can cause the server to access uninitialized data with an LDAP add or modify the request, usually resulting in a segmentation fault.

Отчет

Red Hat Enterprise Linux is not affected by this flaw as Samba AD (Active Directory) doesn't get built in RHEL.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 6	samba	Not affected
Red Hat Enterprise Linux 6	samba4	Not affected
Red Hat Enterprise Linux 7	samba	Not affected
Red Hat Enterprise Linux 8	samba	Not affected
Red Hat Enterprise Linux 9	samba	Not affected
Red Hat Storage 3	samba	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-125

Дефект:

CWE-457

https://bugzilla.redhat.com/show_bug.cgi?id=2108211samba: AD users can crash the server process with an LDAP add or modify request

EPSS

Процентиль: 54%

0.00319

Низкий

5.4 Medium

CVSS3

Связанные уязвимости

CVE-2022-32745

CVSS3: 8.1

ubuntu

почти 3 года назад

A flaw was found in Samba. Samba AD users can cause the server to access uninitialized data with an LDAP add or modify the request, usually resulting in a segmentation fault.

CVE-2022-32745

CVSS3: 8.1

nvd

почти 3 года назад

A flaw was found in Samba. Samba AD users can cause the server to access uninitialized data with an LDAP add or modify the request, usually resulting in a segmentation fault.

CVE-2022-32745

CVSS3: 8.1

msrc

8 месяцев назад

Описание отсутствует

CVE-2022-32745

CVSS3: 8.1

debian

почти 3 года назад

A flaw was found in Samba. Samba AD users can cause the server to acce ...

GHSA-q9mh-p233-5pvv

CVSS3: 8.1

github

почти 3 года назад

A flaw was found in Samba. Samba AD users can cause the server to access uninitialized data with an LDAP add or modify the request, usually resulting in a segmentation fault.

EPSS

Процентиль: 54%

0.00319

Низкий

5.4 Medium

CVSS3