Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2022-3437

Published: 27 October 2022

A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application, possibly resulting in a denial of service (DoS) attack.

Notes

AuthorNote
mdeslaur 
The focal samba update was temporarily reverted by USN 5822-2
because it introduced regressions. It was later updated again
with USN 5936-1.
rodrigo-zaiden 
heimdal patch f6edaafc introduced a new issue, assigned as
CVE-2022-45142.

Priority

Medium

Cvss 3 Severity Score

6.5

Score breakdown

Status

Package Release Status
heimdal
Launchpad, Ubuntu, Debian 		bionic
Released (7.5.0+dfsg-1ubuntu0.3)
focal
Released (7.7.0+dfsg-1ubuntu1.3)
jammy Needed

kinetic Ignored
(end of life, was needed)
lunar Not vulnerable
(7.8.git20221117.28daf24+dfsg-1ubuntu1)
mantic Not vulnerable
(7.8.git20221117.28daf24+dfsg-1ubuntu1)
trusty
Released (1.6~git20131207+dfsg-1ubuntu1.2+esm3)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only)
upstream
Released (7.7.1, 7.8, 7.8.git20221115.a6cf945+dfsg-1)
xenial
Released (1.7~git20150920+dfsg-4ubuntu1.16.04.1+esm3)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only)
Patches:
upstream: https://github.com/heimdal/heimdal/commit/f6edaafcfefd843ca1b1a041f942a853d85ee7c3
upstream: https://github.com/heimdal/heimdal/commit/c9cc34334bd64b08fe91a2f720262462e9f6bb49
upstream: https://github.com/heimdal/heimdal/commit/a587a4bcb28d5b9047f332573b1e7c8f89ca3edd
upstream: https://github.com/heimdal/heimdal/commit/c758910eaad3c0de2cfb68830a661c4739675a7d
upstream: https://github.com/heimdal/heimdal/commit/414b2a77fd61c26d64562e3800dc5578d9d0f15d
upstream: https://github.com/heimdal/heimdal/commit/be9bbd93ed8f204b4bc1b92d1bc3c16aac194696
upstream: https://github.com/heimdal/heimdal/commit/c8407ca079294d76a5ed140ba5b546f870d23ed2
upstream: https://github.com/heimdal/heimdal/commit/8fb508a25a6a47289c73e3f4339352a73a396eef






















Binaries built from this source package are in Universe and so are supported by the community.
samba
Launchpad, Ubuntu, Debian 		bionic Needed

focal
Released (2:4.15.13+dfsg-0ubuntu0.20.04.1)
jammy
Released (2:4.15.13+dfsg-0ubuntu1)
kinetic
Released (2:4.16.8+dfsg-0ubuntu1)
lunar
Released (2:4.17.3+dfsg-3ubuntu1)
mantic
Released (2:4.17.3+dfsg-3ubuntu1)
trusty Needs triage

upstream
Released (2:4.16.6+dfsg-1,4.15.11,4.16.6,4.17.2)
xenial Needs triage

Patches:








upstream: https://git.samba.org/?p=samba.git;a=commit;h=0eaa68d1935236c0a6188ba1ba078db507887e6c
upstream: https://git.samba.org/?p=samba.git;a=commit;h=c5dd87f488820e180649e6fd3597bce4ffa24fdc
upstream: https://git.samba.org/?p=samba.git;a=commit;h=03eefa45d38ca3eade2018767421bb60ba65d58b
upstream: https://git.samba.org/?p=samba.git;a=commit;h=e3c314ed69f99db1c797772fbda83820352d5387
upstream: https://git.samba.org/?p=samba.git;a=commit;h=9ca9408c5edf807de9fba9f59eabd899c79458a9
upstream: https://git.samba.org/?p=samba.git;a=commit;h=c944773adc421b3f85a8166fa2d9733e3e9a10c2
upstream: https://git.samba.org/?p=samba.git;a=commit;h=e1c2e2836efaa895d817b5611bf908284c3d415d
upstream: https://git.samba.org/?p=samba.git;a=commit;h=de77f0159873fb0c569c02cee5aa492af8e3f461
upstream: https://git.samba.org/?p=samba.git;a=commit;h=d16ac1f4057ec0c26768f04f00c512abf271be7f
upstream: https://git.samba.org/?p=samba.git;a=commit;h=22dd9072c9f964931db931ee0b638a9799e947ca
upstream: https://git.samba.org/?p=samba.git;a=commit;h=5c31d5beb3bed6b28c8d648d889c47e69c16cc8e
upstream: https://git.samba.org/?p=samba.git;a=commit;h=fe1204d9da2c6f761c4dc4421f67057b10eaf430
upstream: https://git.samba.org/?p=samba.git;a=commit;h=a49a3ac8e082921c2793a073b5991c4693f167ab
upstream: https://git.samba.org/?p=samba.git;a=commit;h=310bffc085514f9ceba5b3501ddef15807c53809
upstream: https://git.samba.org/?p=samba.git;a=commit;h=c22914f845b3eba1c9ad444333f3d044352b7e2c
upstream: https://git.samba.org/?p=samba.git;a=commit;h=5f6dbf2ab29bcd30c701cab3daecf5a6a53a44cd
upstream: https://git.samba.org/?p=samba.git;a=commit;h=9f6f1e01aca4f00a5d23127803c81939253e0577
upstream: https://git.samba.org/?p=samba.git;a=commit;h=5a62eb5734d50fe556934aefa3bac5698372f00e
upstream: https://git.samba.org/?p=samba.git;a=commit;h=ebac8bf0478e19849f83af6d44b73d7ab3afd25b
upstream: https://git.samba.org/?p=samba.git;a=commit;h=1aca34515515f2cb00fbf5ad8b9212b319f01836
upstream: https://git.samba.org/?p=samba.git;a=commit;h=77e0f2febaaf4d6e5e42f8e73a1f8f3c0e4a2985
upstream: https://git.samba.org/?p=samba.git;a=commit;h=e9db03736007721e37c4fba847ce4aa0c4520924

Severity score breakdown

Parameter Value
Base score 6.5
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Scope Unchanged
Confidentiality None
Integrity impact None
Availability impact High
Vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

Bugs

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading