Samba has released software updates to fix five vulnerabilities in multiple Samba software products. One of the fixed issues could allow Samba AD users to forge password change requests for any user.
A remote attacker could take advantage of these vulnerabilities and exploit impacted systems.
Samba software is used for file and print services for all clients using the SMB/CIFS protocol. Samba is used to seamlessly integrate Linux/Unix systems into Windows Active Directory environments.
In total, Samba patched five vulnerabilities of varying severity:
- CVE-2022-2031: Samba AD users can bypass certain restrictions associated with changing passwords (CVSS 5.1).
- CVE-2022-32742: Server memory information leak via SMB1 in all versions of Samba (CVSS 4.3).
- CVE-2022-32745: Samba AD users can crash the server process with an LDAP add or modify request (CVSS 5.4).
- CVE-2022-32746: Samba AD users can induce a use-after-free in the server process with an LDAP add or modify request (CVSS 5.4).
- CVE-2022-32744: Samba AD users can forge password change requests for any user (CVSS 8.8).
The most severe of the issues (CVE-2022-32744) rated High severity, could allow the KDC to accept kpasswd requests encrypted with any key known to it.
“A user could thus change the password of the Administrator account and gain total control over the domain. Full loss of confidentiality and integrity would be possible, as well as of availability by denying users access to their accounts,” Samba explained in the advisory.
Samba versions 4.16.4, 4.15.9, and 4.14.14 have been released to fix the vulnerability.
- Samba patches Critical vfs_fruit vulnerability and two other issues
- Samba fixes vulnerability (CVE-2021-20254) that could allow an attacker unauthorized access to files
- Samba addresses Critical Zerologon vulnerability
- Microsoft January 2022 Security Updates address 10 Critical vulnerabilities
- APT actors exploit legacy internet-facing vulnerabilities in combination with Zerologon to target organizations