CVE-2022-32742

Summary

CVE	CVE-2022-32742
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2022-08-25 18:15:00 UTC
Updated	2023-09-17 09:15:00 UTC
Description	A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing server memory contents to be written into the file (or printer) instead of client-supplied data. The client cannot control the area of the server memory written to the file (or printer).

Risk And Classification

Problem Types: NVD-CWE-noinfo

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Samba	Samba	All	All	All	All

References

Reference	Source	Link	Tags
Samba - Security Announcement Archive	MISC	www.samba.org
Samba: Multiple Vulnerabilities (GLSA 202309-06) — Gentoo security	GENTOO	security.gentoo.org
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

160170 Oracle Enterprise Linux Security Update for samba (ELSA-2022-7111)
160303 Oracle Enterprise Linux Security Update for samba (ELSA-2022-8317)
180933 Debian Security Update for samba (DSA 5205-1)
184924 Debian Security Update for samba (CVE-2022-32742)
198878 Ubuntu Security Notification for Samba Vulnerabilities (USN-5542-1)
240749 Red Hat Update for samba security (RHSA-2022:7056)
240771 Red Hat Update for samba (RHSA-2022:7111)
240875 Red Hat Update for samba security (RHSA-2022:8317)
282994 Fedora Security Update for libldb (FEDORA-2022-19600c9743)
283042 Fedora Security Update for libldb (FEDORA-2022-1479911a38)
354257 Amazon Linux Security Advisory for samba : ALAS-2022-1642
354483 Amazon Linux Security Advisory for samba : ALAS2022-2022-213
354554 Amazon Linux Security Advisory for samba : ALAS-2022-213
355336 Amazon Linux Security Advisory for samba : ALAS2023-2023-032
355694 Amazon Linux Security Advisory for samba : ALAS2-2023-2166
377745 Alibaba Cloud Linux Security Update for samba (ALINUX3-SA-2022:0176)
502579 Alpine Linux Security Update for samba
502620 Alpine Linux Security Update for samba
502789 Alpine Linux Security Update for samba
503810 Alpine Linux Security Update for samba
505682 Alpine Linux Security Update for samba
672166 EulerOS Security Update for samba (EulerOS-SA-2022-2449)
672182 EulerOS Security Update for samba (EulerOS-SA-2022-2480)
672272 EulerOS Security Update for samba (EulerOS-SA-2022-2697)
672309 EulerOS Security Update for samba (EulerOS-SA-2022-2665)
672337 EulerOS Security Update for samba (EulerOS-SA-2022-2778)
672393 EulerOS Security Update for samba (EulerOS-SA-2022-2743)
690958 Free Berkeley Software Distribution (FreeBSD) Security Update for samba (f9140ad4-4920-11ed-a07e-080027f5fec9)
710751 Gentoo Linux Samba Multiple Vulnerabilities (GLSA 202309-06)
752401 SUSE Enterprise Linux Security Update for samba (SUSE-SU-2022:2585-1)
752402 SUSE Enterprise Linux Security Update for samba (SUSE-SU-2022:2582-1)
752403 SUSE Enterprise Linux Security Update for ldb, samba (SUSE-SU-2022:2586-1)
752408 SUSE Enterprise Linux Security Update for samba (SUSE-SU-2022:2598-1)
752416 SUSE Enterprise Linux Security Update for samba (SUSE-SU-2022:2621-1)
752436 SUSE Enterprise Linux Security Update for samba (SUSE-SU-2022:2651-1)
752438 SUSE Enterprise Linux Security Update for ldb, samba (SUSE-SU-2022:2659-1)
752999 SUSE Enterprise Linux Security Update for samba (SUSE-SU-2022:4395-1)
753517 SUSE Enterprise Linux Security Update for samba (SUSE-SU-2023:0081-1)
753587 SUSE Enterprise Linux Security Update for samba (SUSE-SU-2023:0160-1)
903812 Common Base Linux Mariner (CBL-Mariner) Security Update for samba (10736)
940716 AlmaLinux Security Update for samba (ALSA-2022:7111)
940792 AlmaLinux Security Update for samba (ALSA-2022:8317)
960328 Rocky Linux Security Update for samba (RLSA-2022:7111)
960470 Rocky Linux Security Update for samba (RLSA-2022:8317)