CVE-2022-3437

A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrapdes() and unwrapdes3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application, possibly resulting in a denial of service (DoS) attack.

References

Affected packages

Git / github.com/samba-team/samba

Affected ranges

Type

GIT

Repo

https://github.com/samba-team/samba

Events

Introduced

df33344d8eb40221d60c99931690703a11d91bc2

Fixed

37595203ef30b1a631b94075328f8d0d604e6e71

Introduced

e95d85f784ae6b19f2cb42cc9039b60b146e5b69

Fixed

dc74e56c03d3aa95ec6b2e44f9ff3b22ee1e380b

Introduced

fbec737d9d3d992b54f52defcba62a304efef8f7

Fixed

21f995104c870cdfbdb0db61e290b2da8bc87ee1

Database specific

{
    "versions": [
        {
            "introduced": "4.0.0"
        },
        {
            "fixed": "4.15.11"
        },
        {
            "introduced": "4.16.0"
        },
        {
            "fixed": "4.16.6"
        },
        {
            "introduced": "4.17.0"
        },
        {
            "fixed": "4.17.2"
        }
    ]
}

Affected versions

ldb-2.*

ldb-2.5.1

ldb-2.5.2

samba-4.*

samba-4.16.0

samba-4.16.1

samba-4.16.2

samba-4.16.3

samba-4.16.4

samba-4.16.5

samba-4.17.0

samba-4.17.1

Database specific

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "36"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "37"
            }
        ]
    }
]

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-3437.json"