CVE-2022-2127

An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbindd_pam_auth_crap.c. When performing NTLM authentication, the client replies to cryptographic challenges back to the server. These replies have variable lengths, and Winbind fails to check the lan manager response length. When Winbind is used for NTLM authentication, a maliciously crafted request can trigger an out-of-bounds read in Winbind, possibly resulting in a crash.

CVSS v3 5.9 MEDIUM

5.9^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://access.redhat.com/errata/RHSA-2023:6667	Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7139	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0423
https://access.redhat.com/errata/RHSA-2024:0580
https://access.redhat.com/security/cve/CVE-2022-2127	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2222791	Issue Tracking Third Party Advisory
https://www.samba.org/samba/security/CVE-2022-2127.html	Mitigation Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:samba:samba::::::::
	cpe:2.3:a:samba:samba::::::::
	cpe:2.3:a:samba:samba::::::::

Configuration 2 (hide)

OR	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:9.0:::::::*

Configuration 3 (hide)

OR	cpe:2.3:o:fedoraproject:fedora:37:::::::*
	cpe:2.3:o:fedoraproject:fedora:38:::::::*

Configuration 4 (hide)

cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*

History

16 Sep 2024, 13:15

Type	Values Removed	Values Added
References	~~{'url': 'https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html', 'source': 'secalert@redhat.com'}~~ {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/', 'tags': ['Mailing List', 'Third Party Advisory'], 'source': 'secalert@redhat.com'} ~~{'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/', 'tags': ['Mailing List'], 'source': 'secalert@redhat.com'}~~ ~~{'url': 'https://security.netapp.com/advisory/ntap-20230731-0010/', 'tags': ['Third Party Advisory'], 'source': 'secalert@redhat.com'}~~ ~~{'url': 'https://www.debian.org/security/2023/dsa-5477', 'tags': ['Third Party Advisory'], 'source': 'secalert@redhat.com'}~~

22 Apr 2024, 16:15

Type	Values Removed	Values Added
References		() https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html -

30 Jan 2024, 16:15

Type	Values Removed	Values Added
References		() https://access.redhat.com/errata/RHSA-2024:0580 -

25 Jan 2024, 20:15

Type	Values Removed	Values Added
References		() https://access.redhat.com/errata/RHSA-2024:0423 -

27 Dec 2023, 22:05

Type	Values Removed	Values Added
References	~~(MISC) https://www.debian.org/security/2023/dsa-5477 -~~	(MISC) https://www.debian.org/security/2023/dsa-5477 - Third Party Advisory
References	~~() https://access.redhat.com/errata/RHSA-2023:7139 -~~	() https://access.redhat.com/errata/RHSA-2023:7139 - Third Party Advisory
References	~~() https://access.redhat.com/errata/RHSA-2023:6667 -~~	() https://access.redhat.com/errata/RHSA-2023:6667 - Third Party Advisory
References	~~(MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/ - Third Party Advisory~~	(MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/ - Mailing List
First Time		Debian debian Linux Debian
CPE		cpe:2.3:o:debian:debian_linux:12.0:::::::*

14 Nov 2023, 21:15

Type	Values Removed	Values Added
References		() https://access.redhat.com/errata/RHSA-2023:7139 -

07 Nov 2023, 14:15

Type	Values Removed	Values Added
References		() https://access.redhat.com/errata/RHSA-2023:6667 -

15 Aug 2023, 04:15

Type	Values Removed	Values Added
References		(MISC) https://www.debian.org/security/2023/dsa-5477 -

08 Aug 2023, 19:11

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~7.5~~	v2 : unknown v3 : 5.9
References	~~(MISC) https://security.netapp.com/advisory/ntap-20230731-0010/ -~~	(MISC) https://security.netapp.com/advisory/ntap-20230731-0010/ - Third Party Advisory
References	~~(MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/ -~~	(MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/ - Third Party Advisory
CPE		cpe:2.3:o:fedoraproject:fedora:37:::::::*

05 Aug 2023, 03:15

Type	Values Removed	Values Added
References		(MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/ -

31 Jul 2023, 19:15

Type	Values Removed	Values Added
References		(MISC) https://security.netapp.com/advisory/ntap-20230731-0010/ -

28 Jul 2023, 22:00

Type	Values Removed	Values Added
CPE		cpe:2.3:a:samba:samba:::::::: cpe:2.3:o:redhat:enterprise_linux:9.0:::::::* cpe:2.3:o:redhat:enterprise_linux:6.0:::::::* cpe:2.3:o:fedoraproject:fedora:38:::::::* cpe:2.3:o:redhat:enterprise_linux:7.0:::::::* cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
References	~~(MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/ -~~	(MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/ - Mailing List, Third Party Advisory
References	~~(MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2222791 -~~	(MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2222791 - Issue Tracking, Third Party Advisory
References	~~(MISC) https://access.redhat.com/security/cve/CVE-2022-2127 -~~	(MISC) https://access.redhat.com/security/cve/CVE-2022-2127 - Third Party Advisory
References	~~(MISC) https://www.samba.org/samba/security/CVE-2022-2127.html -~~	(MISC) https://www.samba.org/samba/security/CVE-2022-2127.html - Mitigation, Vendor Advisory
First Time		Fedoraproject fedora Fedoraproject Redhat Samba samba Samba Redhat enterprise Linux
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.5
CWE		CWE-125

22 Jul 2023, 03:15

Type	Values Removed	Values Added
References		(MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/ -

20 Jul 2023, 15:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-07-20 15:15

Updated : 2024-09-16 13:15

NVD link : CVE-2022-2127

Mitre link : CVE-2022-2127

CVE.ORG link : CVE-2022-2127

JSON object : View

Products Affected

debian

debian_linux

samba

samba

redhat

enterprise_linux

fedoraproject

fedora

CWE

CWE-125

Out-of-bounds Read

5.9 /10