{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2022-2127","assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","state":"PUBLISHED","assignerShortName":"redhat","dateReserved":"2022-06-18T15:45:19.770Z","datePublished":"2023-07-20T14:49:49.422Z","dateUpdated":"2025-11-20T16:09:23.584Z"},"containers":{"cna":{"title":"Samba: out-of-bounds read in winbind auth_crap","metrics":[{"other":{"content":{"value":"Moderate","namespace":"https://access.redhat.com/security/updates/classification/"},"type":"Red Hat severity rating"}},{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":5.9,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"format":"CVSS"}],"descriptions":[{"lang":"en","value":"An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbindd_pam_auth_crap.c. During NTLM authentication, the client sends responses to the server's cryptographic challenges. These responses have variable lengths, and Winbind fails to check the length of the LAN Manager response. 
When Winbind is used for NTLM authentication, a maliciously crafted request can trigger an out-of-bounds read in Winbind, possibly resulting in a crash."}],"affected":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"samba","defaultStatus":"affected","versions":[{"version":"0:4.18.6-1.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:enterprise_linux:8::crb","cpe:/o:redhat:enterprise_linux:8::baseos","cpe:/a:redhat:enterprise_linux:8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"samba","defaultStatus":"affected","versions":[{"version":"0:4.18.6-1.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:enterprise_linux:8::crb","cpe:/o:redhat:enterprise_linux:8::baseos","cpe:/a:redhat:enterprise_linux:8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Extended Update Support","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"samba","defaultStatus":"affected","versions":[{"version":"0:4.15.5-15.el8_6","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/o:redhat:rhev_hypervisor:4.4::el8","cpe:/a:redhat:rhel_eus:8.6::appstream","cpe:/a:redhat:rhel_eus:8.6::crb","cpe:/o:redhat:rhel_eus:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Extended Update Support","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"samba","defaultStatus":"affected","versions":[{"version":"0:4.17.5-5.el8_8","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_eus:8.8::crb","cpe:/o:redhat:rhel_eus:8.8::baseos","cpe:/a:redhat:rhel_eus:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 
9","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"samba","defaultStatus":"affected","versions":[{"version":"0:4.18.6-100.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:enterprise_linux:9::resilientstorage","cpe:/o:redhat:enterprise_linux:9::baseos","cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"samba","defaultStatus":"affected","versions":[{"version":"0:4.18.6-100.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:enterprise_linux:9::resilientstorage","cpe:/o:redhat:enterprise_linux:9::baseos","cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Red Hat Virtualization 4 for Red Hat Enterprise Linux 8","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"samba","defaultStatus":"affected","versions":[{"version":"0:4.15.5-15.el8_6","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/o:redhat:rhev_hypervisor:4.4::el8","cpe:/a:redhat:rhel_eus:8.6::appstream","cpe:/a:redhat:rhel_eus:8.6::crb","cpe:/o:redhat:rhel_eus:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"samba","defaultStatus":"unknown","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"samba4","defaultStatus":"unknown","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 
7","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"samba","defaultStatus":"unknown","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Storage 3","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"samba","defaultStatus":"unknown","cpes":["cpe:/a:redhat:storage:3"]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2023:6667","name":"RHSA-2023:6667","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2023:7139","name":"RHSA-2023:7139","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2024:0423","name":"RHSA-2024:0423","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2024:0580","name":"RHSA-2024:0580","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/security/cve/CVE-2022-2127","tags":["vdb-entry","x_refsource_REDHAT"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2222791","name":"RHBZ#2222791","tags":["issue-tracking","x_refsource_REDHAT"]},{"url":"https://www.samba.org/samba/security/CVE-2022-2127.html"}],"datePublic":"2023-07-19T00:00:00.000Z","problemTypes":[{"descriptions":[{"cweId":"CWE-125","description":"Out-of-bounds Read","lang":"en","type":"CWE"}]}],"x_redhatCweChain":"CWE-125: Out-of-bounds Read","timeline":[{"lang":"en","time":"2023-07-13T00:00:00.000Z","value":"Reported to Red Hat."},{"lang":"en","time":"2023-07-19T00:00:00.000Z","value":"Made public."}],"providerMetadata":{"orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat","dateUpdated":"2025-11-20T16:09:23.584Z"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T00:24:44.251Z"},"title":"CVE Program 
Container","references":[{"url":"https://access.redhat.com/errata/RHSA-2023:6667","name":"RHSA-2023:6667","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"]},{"url":"https://access.redhat.com/errata/RHSA-2023:7139","name":"RHSA-2023:7139","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"]},{"url":"https://access.redhat.com/errata/RHSA-2024:0423","name":"RHSA-2024:0423","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"]},{"url":"https://access.redhat.com/errata/RHSA-2024:0580","name":"RHSA-2024:0580","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"]},{"url":"https://access.redhat.com/security/cve/CVE-2022-2127","tags":["vdb-entry","x_refsource_REDHAT","x_transferred"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2222791","name":"RHBZ#2222791","tags":["issue-tracking","x_refsource_REDHAT","x_transferred"]},{"url":"https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html","tags":["x_transferred"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/","tags":["x_transferred"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/","tags":["x_transferred"]},{"url":"https://security.netapp.com/advisory/ntap-20230731-0010/","tags":["x_transferred"]},{"url":"https://www.debian.org/security/2023/dsa-5477","tags":["x_transferred"]},{"url":"https://www.samba.org/samba/security/CVE-2022-2127.html","tags":["x_transferred"]}]},{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-12-03T15:21:45.923934Z","id":"CVE-2022-2127","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-12-03T15:22:02.684Z"}}]}}