QwikSec

Security Database

CVE

CWE

Training

CVE-2022-32742

Published: Aug 25, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing server memory contents to be written into the file (or printer) instead of client-supplied data. The client cannot control the area of the server memory written to the file (or printer).

Vendor	Product	Versions
n/a	samba	affected `Versions prior to samba 4.16.4, samba 4.15.9, samba 4.14.14`

Weaknesses (CWE)

References

https://www.samba.org/samba/security/CVE-2022-32742.html

vendor-advisory

[debian-lts-announce] 20240422 [SECURITY] [DLA 3792-1] samba security update

mailing-list

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.