Lucene search
Ubuntu.comUB:CVE-2022-37966HistoryNov 09, 2022 - 12:00 a.m.
CVE-2022-37966
2022-11-0900:00:00
ubuntu.com
ubuntu.com
78
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.029 Low
EPSS
Percentile
90.8%
Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability
Bugs
Notes
| Author | Note |
|---|---|
| mdeslaur | commits come after CVE-2022-38023 and CVE-2022-45141 The focal samba update was temporarily reverted by USN 5822-2 because it introduced regressions. It was later updated again with USN 5936-1. |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 18.04 | noarch | samba | <Â any | UNKNOWN |
| ubuntu | 20.04 | noarch | samba | <Â 2:4.15.13+dfsg-0ubuntu0.20.04.1 | UNKNOWN |
| ubuntu | 22.04 | noarch | samba | <Â 2:4.15.13+dfsg-0ubuntu1 | UNKNOWN |
| ubuntu | 22.10 | noarch | samba | <Â 2:4.16.8+dfsg-0ubuntu1 | UNKNOWN |
| ubuntu | 23.04 | noarch | samba | <Â 2:4.17.5+dfsg-2ubuntu1 | UNKNOWN |
| ubuntu | 23.10 | noarch | samba | <Â 2:4.17.5+dfsg-2ubuntu1 | UNKNOWN |
| ubuntu | 24.04 | noarch | samba | <Â 2:4.17.5+dfsg-2ubuntu1 | UNKNOWN |
| ubuntu | 14.04 | noarch | samba | <Â any | UNKNOWN |
| ubuntu | 16.04 | noarch | samba | <Â any | UNKNOWN |
References
launchpad.net/bugs/cve/CVE-2022-37966
nvd.nist.gov/vuln/detail/CVE-2022-37966
security-tracker.debian.org/tracker/CVE-2022-37966
ubuntu.com/security/notices/USN-5822-1
ubuntu.com/security/notices/USN-5822-2
ubuntu.com/security/notices/USN-5936-1
www.cve.org/CVERecord?id=CVE-2022-37966
www.samba.org/samba/security/CVE-2022-37966.html
Related
slackware
slackware
[slackware-security] samba
2022-12-17 21:30:27
openvas
openvas
Slackware: Security Advisory (SSA:2022-351-01)
2022-12-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:0014-1)
2023-01-03 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:0126-1)
2023-01-25 00:00:00
nessus
nessus
Samba < 4.15.13 / 4.16.x < 4.16.8 / 4.17.x < 4.17.4 Multiple Vulnerabilities
2023-01-04 00:00:00
SUSE SLES15 / openSUSE 15 Security Update : samba (SUSE-SU-2023:0222-1)
2023-02-02 00:00:00
thn
thn
cisa
cisa
Samba Releases Security Updates
2022-12-16 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package samba version 4.16.8-alt1
2022-12-15 00:00:00
Security fix for the ALT Linux 10 package samba version 4.16.9-alt1
2023-03-02 00:00:00
osv
osv
samba vulnerabilities
2023-03-08 13:02:34
samba regression
2023-01-26 21:36:01
samba vulnerabilities
2023-01-24 12:58:42
ubuntu
ubuntu
Samba vulnerabilities
2023-03-08 00:00:00
Samba vulnerabilities
2023-01-24 00:00:00
Samba regression
2023-01-26 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: samba-4.16.8-0.fc36
2022-12-21 01:19:35
[SECURITY] Fedora 37 Update: samba-4.17.4-0.fc37
2022-12-19 01:18:39
mageia
mageia
Updated samba packages fix security vulnerability
2023-01-24 10:58:24
nvd
nvd
redhatcve
redhatcve
veracode
veracode
Privilege Escalation
2022-12-17 19:03:44
Privilege Escalation
2022-12-22 10:44:34
Privilege Escalation
2023-01-06 11:13:34
alpinelinux
alpinelinux
samba
samba
Samba AD DC using Heimdal can be forced to
2022-12-15 00:00:00
rc4-hmac Kerberos session keys issued
2022-12-15 00:00:00
RC4/HMAC-MD5 NetLogon Secure Channel is weak and should be avoided
2022-12-15 00:00:00
cvelist
cvelist
CVE-2022-45141
2023-03-06 00:00:00
CVE-2022-38023 Netlogon RPC Elevation of Privilege Vulnerability
2022-11-09 00:00:00
prion
prion
Privilege escalation
2023-03-06 23:15:00
Privilege escalation
2022-11-09 22:15:00
Privilege escalation
2022-11-09 22:15:00
debiancve
debiancve
ubuntucve
ubuntucve
CVE-2022-45141
2022-12-16 00:00:00
CVE-2022-38023
2022-11-09 00:00:00
cve
cve
almalinux
almalinux
Important: samba security update
2023-02-21 00:00:00
Important: samba security update
2023-05-04 00:00:00
redhat
redhat
(RHSA-2023:2136) Important: samba security update
2023-05-04 18:15:19
(RHSA-2023:0638) Important: samba security update
2023-02-07 22:08:23
(RHSA-2023:0637) Important: samba security update
2023-02-07 21:15:49
centos
centos
ctdb, libsmbclient, libwbclient, samba security update
2023-03-08 16:28:01
mscve
mscve
Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability
2022-11-08 08:00:00
Netlogon RPC Elevation of Privilege Vulnerability
2022-11-08 08:00:00
rocky
rocky
samba security update
2023-05-05 15:41:05
samba security update
2023-02-22 01:08:44
oraclelinux
oraclelinux
samba security update
2023-05-04 00:00:00
samba security update
2023-02-22 00:00:00
samba security update
2023-03-08 00:00:00
amazon
amazon
Important: samba
2023-05-11 17:49:00
Important: samba
2023-05-11 18:00:00
avleonov
avleonov
mskb
mskb
November 8, 2022âKB5020005 (Security-only update)
2022-11-08 08:00:00
November 8, 2022âKB5020019 (Monthly Rollup)
2022-11-08 08:00:00
November 8, 2022âKB5020013 (Security-only update)
2022-11-08 08:00:00
gentoo
gentoo
Samba: Multiple Vulnerabilities
2023-09-17 00:00:00
qualysblog
qualysblog
ibm
ibm
Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs
2023-05-31 17:22:48
Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs
2023-05-31 17:23:24
talosblog
talosblog
kaspersky
kaspersky
KLA20045 Multiple vulnerabilities in Microsoft Products (ESU)
2022-11-08 00:00:00
KLA20047 Multiple vulnerabilities in Microsoft Windows
2022-11-08 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2023-3.0-0603
2023-06-26 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - November 2022
2022-11-08 20:02:57
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.029 Low
EPSS
Percentile
90.8%
Related for UB:CVE-2022-37966