Updated ldb/samba/sssd packages fix security vulnerability

2022-08-2600:21:07

Gentoo Foundation

advisories.mageia.org

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.038 Low

EPSS

Percentile

91.7%

JSON

Fixed AD restrictions bypass associated with changing passwords (bsc#1201495). (CVE-2022-2031) Fixed a memory leak in SMB1 (bsc#1201496). (CVE-2022-32742) Fixed an arbitrary password change request for any AD user (bsc#1201493). (CVE-2022-32744) Fixed a remote server crash with an LDAP add or modify request (bsc#1201492) (CVE-2022-32745) Fixed a use-after-free occurring in database audit logging (bsc#1201490). (CVE-2022-32746)

OSVersionArchitecturePackageVersionFilename
Mageia8noarchldb< 2.3.4-1ldb-2.3.4-1.mga8
Mageia8noarchsamba< 4.14.14-1samba-4.14.14-1.mga8
Mageia8noarchsssd< 2.4.0-1.4sssd-2.4.0-1.4.mga8