CVE-2022-0336

Source
https://nvd.nist.gov/vuln/detail/CVE-2022-0336
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-0336.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-0336
Published
2022-08-29T15:15:09Z
Modified
2024-09-18T03:20:48.903695Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
[none]
Details

The Samba AD DC includes checks when adding service principal names (SPNs) to an account to ensure that SPNs do not alias with those already in the database. Some of these checks can be bypassed if an account modification re-adds an SPN that was previously present on that account, such as one added when a computer is joined to a domain. An attacker who has the ability to write to an account can exploit this to perform a denial-of-service attack by adding an SPN that matches an existing service. Additionally, an attacker who can intercept traffic can impersonate existing services, resulting in a loss of confidentiality and integrity.

Affected packages

Alpine:v3.15 / samba

Package

Name
samba
Purl
pkg:apk/alpine/samba?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 Unknown introduced version / All previous versions are affected
Fixed
4.15.12-r0

Affected versions

3.*

3.2.8-r0
3.2.8-r1
3.2.10-r0
3.2.11-r0
3.2.11-r1
3.3.4-r0
3.3.5-r0
3.3.5-r1
3.3.5-r2
3.3.6-r0
3.3.7-r0
3.3.7-r1
3.3.7-r2
3.3.7-r3
3.3.7-r4
3.3.8-r0
3.4.3-r0
3.4.3-r1
3.4.4-r0
3.4.5-r0
3.4.5-r1
3.4.7-r0
3.4.7-r1
3.5.2-r0
3.5.3-r0
3.5.4-r0
3.5.4-r1
3.5.5-r0
3.5.6-r0
3.5.6-r1
3.5.6-r2
3.5.6-r3
3.5.6-r4
3.5.7-r0
3.5.8-r0
3.5.9-r0
3.5.9-r1
3.5.10-r0
3.5.11-r0
3.6.1-r0
3.6.1-r1
3.6.1-r2
3.6.2-r0
3.6.3-r0
3.6.4-r0
3.6.4-r1
3.6.5-r0
3.6.6-r0
3.6.7-r0
3.6.7-r1
3.6.8-r0
3.6.8-r1
3.6.9-r0
3.6.10-r0
3.6.11-r0
3.6.12-r0
3.6.13-r0
3.6.13-r1
3.6.15-r0
3.6.16-r0
3.6.19-r0
3.6.19-r1

4.*

4.1.0-r1
4.1.0-r2
4.1.1-r0
4.1.2-r0
4.1.3-r0
4.1.3-r1
4.1.3-r2
4.1.4-r0
4.1.5-r0
4.1.5-r1
4.1.6-r0
4.1.7-r0
4.1.8-r0
4.1.9-r0
4.1.10-r0
4.1.11-r0
4.1.12-r0
4.1.13-r0
4.1.14-r0
4.1.14-r1
4.1.15-r0
4.1.16-r0
4.1.17-r0
4.2.0-r0
4.2.0-r1
4.2.1-r0
4.2.1-r1
4.2.1-r2
4.2.3-r0
4.2.3-r1
4.2.3-r2
4.2.3-r3
4.2.7-r0
4.2.9-r0
4.2.9-r1
4.4.2-r0
4.4.2-r1
4.4.3-r0
4.4.4-r0
4.4.5-r0
4.4.5-r1
4.5.1-r0
4.5.3-r0
4.5.3-r1
4.5.4-r0
4.6.0-r0
4.6.1-r0
4.6.1-r1
4.6.1-r2
4.6.4-r0
4.6.5-r0
4.6.6-r0
4.6.6-r1
4.7.0-r0
4.7.0-r1
4.7.0-r2
4.7.1-r0
4.7.2-r0
4.7.3-r0
4.7.4-r0
4.7.6-r0
4.8.0-r0
4.8.1-r0
4.8.2-r0
4.8.2-r1
4.8.4-r0
4.8.4-r1
4.8.5-r0
4.8.7-r0
4.8.8-r0
4.8.11-r0
4.8.11-r1
4.10.2-r0
4.10.3-r0
4.10.4-r0
4.10.4-r1
4.10.5-r0
4.10.6-r0
4.10.8-r0
4.10.8-r1
4.11.1-r0
4.11.2-r0
4.11.2-r1
4.11.2-r2
4.11.3-r0
4.11.4-r0
4.11.4-r1
4.11.5-r0
4.11.6-r0
4.12.0-r0
4.12.1-r0
4.12.2-r0
4.12.2-r1
4.12.2-r2
4.12.5-r0
4.12.6-r0
4.12.7-r0
4.12.8-r0
4.12.9-r0
4.13.2-r0
4.13.2-r1
4.13.3-r0
4.13.3-r1
4.13.3-r2
4.13.5-r0
4.14.2-r0
4.14.2-r1
4.14.4-r0
4.14.5-r0
4.14.6-r0
4.14.6-r1
4.15.0-r0
4.15.1-r0
4.15.1-r1
4.15.2-r0
4.15.5-r0

Alpine:v3.16 / samba

Package

Name
samba
Purl
pkg:apk/alpine/samba?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 Unknown introduced version / All previous versions are affected
Fixed
4.15.12-r0

Affected versions

3.*

3.2.8-r0
3.2.8-r1
3.2.10-r0
3.2.11-r0
3.2.11-r1
3.3.4-r0
3.3.5-r0
3.3.5-r1
3.3.5-r2
3.3.6-r0
3.3.7-r0
3.3.7-r1
3.3.7-r2
3.3.7-r3
3.3.7-r4
3.3.8-r0
3.4.3-r0
3.4.3-r1
3.4.4-r0
3.4.5-r0
3.4.5-r1
3.4.7-r0
3.4.7-r1
3.5.2-r0
3.5.3-r0
3.5.4-r0
3.5.4-r1
3.5.5-r0
3.5.6-r0
3.5.6-r1
3.5.6-r2
3.5.6-r3
3.5.6-r4
3.5.7-r0
3.5.8-r0
3.5.9-r0
3.5.9-r1
3.5.10-r0
3.5.11-r0
3.6.1-r0
3.6.1-r1
3.6.1-r2
3.6.2-r0
3.6.3-r0
3.6.4-r0
3.6.4-r1
3.6.5-r0
3.6.6-r0
3.6.7-r0
3.6.7-r1
3.6.8-r0
3.6.8-r1
3.6.9-r0
3.6.10-r0
3.6.11-r0
3.6.12-r0
3.6.13-r0
3.6.13-r1
3.6.15-r0
3.6.16-r0
3.6.19-r0
3.6.19-r1

4.*

4.1.0-r1
4.1.0-r2
4.1.1-r0
4.1.2-r0
4.1.3-r0
4.1.3-r1
4.1.3-r2
4.1.4-r0
4.1.5-r0
4.1.5-r1
4.1.6-r0
4.1.7-r0
4.1.8-r0
4.1.9-r0
4.1.10-r0
4.1.11-r0
4.1.12-r0
4.1.13-r0
4.1.14-r0
4.1.14-r1
4.1.15-r0
4.1.16-r0
4.1.17-r0
4.2.0-r0
4.2.0-r1
4.2.1-r0
4.2.1-r1
4.2.1-r2
4.2.3-r0
4.2.3-r1
4.2.3-r2
4.2.3-r3
4.2.7-r0
4.2.9-r0
4.2.9-r1
4.4.2-r0
4.4.2-r1
4.4.3-r0
4.4.4-r0
4.4.5-r0
4.4.5-r1
4.5.1-r0
4.5.3-r0
4.5.3-r1
4.5.4-r0
4.6.0-r0
4.6.1-r0
4.6.1-r1
4.6.1-r2
4.6.4-r0
4.6.5-r0
4.6.6-r0
4.6.6-r1
4.7.0-r0
4.7.0-r1
4.7.0-r2
4.7.1-r0
4.7.2-r0
4.7.3-r0
4.7.4-r0
4.7.6-r0
4.8.0-r0
4.8.1-r0
4.8.2-r0
4.8.2-r1
4.8.4-r0
4.8.4-r1
4.8.5-r0
4.8.7-r0
4.8.8-r0
4.8.11-r0
4.8.11-r1
4.10.2-r0
4.10.3-r0
4.10.4-r0
4.10.4-r1
4.10.5-r0
4.10.6-r0
4.10.8-r0
4.10.8-r1
4.11.1-r0
4.11.2-r0
4.11.2-r1
4.11.2-r2
4.11.3-r0
4.11.4-r0
4.11.4-r1
4.11.5-r0
4.11.6-r0
4.12.0-r0
4.12.1-r0
4.12.2-r0
4.12.2-r1
4.12.2-r2
4.12.5-r0
4.12.6-r0
4.12.7-r0
4.12.8-r0
4.12.9-r0
4.13.2-r0
4.13.2-r1
4.13.3-r0
4.13.3-r1
4.13.3-r2
4.13.5-r0
4.14.2-r0
4.14.2-r1
4.14.4-r0
4.14.5-r0
4.14.6-r0
4.14.6-r1
4.15.0-r0
4.15.1-r0
4.15.1-r1
4.15.2-r0
4.15.3-r0
4.15.3-r1
4.15.5-r0
4.15.5-r1
4.15.6-r0
4.15.7-r0

Debian:11 / samba

Package

Name
samba
Purl
pkg:deb/debian/samba?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 Unknown introduced version / All previous versions are affected
Fixed
2:4.13.13+dfsg-1~deb11u3

Affected versions

2:4.*

2:4.13.5+dfsg-2
2:4.13.13+dfsg-1~deb11u1
2:4.13.13+dfsg-1~deb11u2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / samba

Package

Name
samba
Purl
pkg:deb/debian/samba?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 Unknown introduced version / All previous versions are affected
Fixed
2:4.16.0+dfsg-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / samba

Package

Name
samba
Purl
pkg:deb/debian/samba?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 Unknown introduced version / All previous versions are affected
Fixed
2:4.16.0+dfsg-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/samba-team/samba

Affected ranges

Type
GIT
Repo
https://github.com/samba-team/samba
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed

Affected versions

ldb-1.*

ldb-1.1.0
ldb-1.1.10
ldb-1.1.11
ldb-1.1.12
ldb-1.1.13
ldb-1.1.14
ldb-1.1.15
ldb-1.1.16
ldb-1.1.17
ldb-1.1.18
ldb-1.1.19
ldb-1.1.2
ldb-1.1.20
ldb-1.1.21
ldb-1.1.22
ldb-1.1.23
ldb-1.1.24
ldb-1.1.25
ldb-1.1.26
ldb-1.1.27
ldb-1.1.28
ldb-1.1.29
ldb-1.1.3
ldb-1.1.30
ldb-1.1.31
ldb-1.1.4
ldb-1.1.5
ldb-1.1.6
ldb-1.1.8
ldb-1.1.9
ldb-1.2.0
ldb-1.2.1
ldb-1.2.2
ldb-1.3.0
ldb-1.3.1
ldb-1.3.2
ldb-1.4.0
ldb-1.4.1
ldb-1.5.0
ldb-1.5.1
ldb-1.5.2
ldb-1.6.1
ldb-1.6.2
ldb-1.6.3

ldb-2.*

ldb-2.0.5
ldb-2.1.0
ldb-2.1.1
ldb-2.2.0
ldb-2.4.0
ldb-2.5.0
ldb-2.6.0

samba-4.*

samba-4.0.0alpha10
samba-4.0.0alpha11
samba-4.0.0alpha13
samba-4.0.0alpha14
samba-4.0.0alpha15
samba-4.0.0alpha16
samba-4.0.0alpha17
samba-4.0.0alpha18
samba-4.0.0alpha19
samba-4.0.0alpha20
samba-4.0.0alpha21
samba-4.0.0alpha6
samba-4.0.0alpha7
samba-4.0.0alpha8
samba-4.0.0alpha9
samba-4.0.0beta1
samba-4.0.0beta2
samba-4.0.0beta3
samba-4.0.0beta4
samba-4.0.0beta5
samba-4.0.0beta6
samba-4.0.0beta7
samba-4.0.0beta8
samba-4.0.0rc1
samba-4.10.0rc1
samba-4.11.0rc1
samba-4.12.0rc1
samba-4.13.0rc1
samba-4.14.0rc1
samba-4.15.0rc1
samba-4.16.0rc1
samba-4.2.0rc1
samba-4.3.0rc1
samba-4.4.0rc1
samba-4.5.0rc1
samba-4.6.0rc1
samba-4.7.0rc1
samba-4.8.0rc1
samba-4.9.0rc1

talloc-1.*

talloc-1.3.1

talloc-2.*

talloc-2.0.0
talloc-2.0.1
talloc-2.0.7
talloc-2.0.8
talloc-2.1.0
talloc-2.1.1
talloc-2.1.10
talloc-2.1.11
talloc-2.1.12
talloc-2.1.13
talloc-2.1.14
talloc-2.1.15
talloc-2.1.16
talloc-2.1.2
talloc-2.1.3
talloc-2.1.4
talloc-2.1.5
talloc-2.1.6
talloc-2.1.7
talloc-2.1.8
talloc-2.1.9
talloc-2.2.0
talloc-2.3.0
talloc-2.3.1
talloc-2.3.2
talloc-2.3.3

tdb-1.*

tdb-1.1.5
tdb-1.2.0
tdb-1.2.1
tdb-1.2.10
tdb-1.2.11
tdb-1.2.12
tdb-1.2.13
tdb-1.3.0
tdb-1.3.1
tdb-1.3.10
tdb-1.3.11
tdb-1.3.12
tdb-1.3.13
tdb-1.3.14
tdb-1.3.15
tdb-1.3.16
tdb-1.3.17
tdb-1.3.18
tdb-1.3.2
tdb-1.3.3
tdb-1.3.4
tdb-1.3.5
tdb-1.3.6
tdb-1.3.7
tdb-1.3.8
tdb-1.3.9
tdb-1.4.0
tdb-1.4.1
tdb-1.4.2
tdb-1.4.3
tdb-1.4.4
tdb-1.4.5
tdb-1.4.6

tevent-0.*

tevent-0.10.0
tevent-0.10.1
tevent-0.10.2
tevent-0.11.0
tevent-0.9.11
tevent-0.9.12
tevent-0.9.13
tevent-0.9.14
tevent-0.9.15
tevent-0.9.16
tevent-0.9.17
tevent-0.9.18
tevent-0.9.19
tevent-0.9.20
tevent-0.9.21
tevent-0.9.22
tevent-0.9.23
tevent-0.9.24
tevent-0.9.25
tevent-0.9.26
tevent-0.9.27
tevent-0.9.28
tevent-0.9.29
tevent-0.9.30
tevent-0.9.31
tevent-0.9.32
tevent-0.9.33
tevent-0.9.34
tevent-0.9.35
tevent-0.9.36
tevent-0.9.37
tevent-0.9.38
tevent-0.9.39
tevent-0.9.8