CVE-2022-32746
25.08.2022, 18:15
A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes, such as userAccountControl.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| samba | samba | 4.3.0 ≤ 𝑥 < 4.14.14 |
| samba | samba | 4.15.0 ≤ 𝑥 < 4.15.9 |
| samba | samba | 4.16.0 ≤ 𝑥 < 4.16.4 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ldb |
| ||||||||||||||||||||
| samba |
|
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ldb-tools |
| ||||||||||||||||||||||||
| libldb-devel |
| ||||||||||||||||||||||||
| libldb2 |
| ||||||||||||||||||||||||
| libldb2-32bit |
| ||||||||||||||||||||||||
| python3-ldb |
| ||||||||||||||||||||||||
| python3-ldb-devel |
|
Red Hat Enterprise Linux Releases
Red Hat Product | |||||
|---|---|---|---|---|---|
| ldb-tools |
| ||||
| libldb |
| ||||
| libldb-devel |
| ||||
| python-ldb-devel-common |
| ||||
| python3-ldb |
| ||||
| python3-ldb-devel |
|
Common Weakness Enumeration