CVE-2022-3437

2023-01-1200:00:00

CWE-122

redhat

github.com

samba

gssapi

heap-based overflow

AI Score

6.8

Confidence

High

EPSS

0.022

Percentile

89.6%

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application, possibly resulting in a denial of service (DoS) attack.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:samba:samba:4.15.11:*:*:*:*:*:*:*"
    ],
    "vendor": "samba",
    "product": "samba",
    "versions": [
      {
        "status": "unknown",
        "version": "4.15.11"
      }
    ],
    "defaultStatus": "unknown"
  }
]