vulnerability

SUSE: CVE-2022-3437: SUSE Linux Security Advisory

Try Surface Command
Back to search
Severity
7
CVSS
(AV:N/AC:L/Au:S/C:N/I:N/A:C)
Published
Dec 9, 2022
Added
Dec 12, 2022
Modified
Jan 28, 2025

Description

A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application, possibly resulting in a denial of service (DoS) attack.

Solutions

suse-upgrade-ctdbsuse-upgrade-ctdb-pcp-pmdasuse-upgrade-libasn1-8suse-upgrade-libgssapi3suse-upgrade-libhcrypto4suse-upgrade-libhdb9suse-upgrade-libheimbase1suse-upgrade-libheimdal-develsuse-upgrade-libheimedit0suse-upgrade-libheimntlm0suse-upgrade-libhx509-5suse-upgrade-libkadm5clnt7suse-upgrade-libkadm5srv8suse-upgrade-libkafs0suse-upgrade-libkdc2suse-upgrade-libkrb5-26suse-upgrade-libotp0suse-upgrade-libroken18suse-upgrade-libsamba-policy-develsuse-upgrade-libsamba-policy-python3-develsuse-upgrade-libsamba-policy0-python3suse-upgrade-libsamba-policy0-python3-32bitsuse-upgrade-libsamba-policy0-python3-64bitsuse-upgrade-libsl0suse-upgrade-libwind0suse-upgrade-sambasuse-upgrade-samba-ad-dcsuse-upgrade-samba-ad-dc-libssuse-upgrade-samba-ad-dc-libs-32bitsuse-upgrade-samba-cephsuse-upgrade-samba-clientsuse-upgrade-samba-client-32bitsuse-upgrade-samba-client-64bitsuse-upgrade-samba-client-libssuse-upgrade-samba-client-libs-32bitsuse-upgrade-samba-develsuse-upgrade-samba-devel-32bitsuse-upgrade-samba-docsuse-upgrade-samba-dsdb-modulessuse-upgrade-samba-gpupdatesuse-upgrade-samba-ldb-ldapsuse-upgrade-samba-libssuse-upgrade-samba-libs-32bitsuse-upgrade-samba-libs-64bitsuse-upgrade-samba-libs-python3suse-upgrade-samba-libs-python3-32bitsuse-upgrade-samba-libs-python3-64bitsuse-upgrade-samba-python3suse-upgrade-samba-testsuse-upgrade-samba-toolsuse-upgrade-samba-winbindsuse-upgrade-samba-winbind-libssuse-upgrade-samba-winbind-libs-32bit

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today