Launchpad.net

CVE 2022-32746

A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes, such as userAccountControl.

Related bugs and status

CVE-2022-32746 (Candidate) is related to these bugs:

Bug #1981414: Cannot rename/move files on DFS through libsmbclient

		In	Importance	Status
1981414	Cannot rename/move files on DFS through libsmbclient	samba (Ubuntu)	Undecided	Fix Released
1981414	Cannot rename/move files on DFS through libsmbclient	samba	Unknown	Unknown
1981414	Cannot rename/move files on DFS through libsmbclient	samba (Ubuntu Jammy)	Undecided	Fix Released
1981414	Cannot rename/move files on DFS through libsmbclient	samba (Ubuntu Focal)	Undecided	Fix Released
1981414	Cannot rename/move files on DFS through libsmbclient	samba (Ubuntu Kinetic)	Undecided	Fix Released
1981414	Cannot rename/move files on DFS through libsmbclient	samba (Ubuntu Impish)	Undecided	Won't Fix
1981414	Cannot rename/move files on DFS through libsmbclient	samba (Ubuntu Bionic)	Undecided	Won't Fix

See the

CVE page on Mitre.org for more details.

References

MISC: https://www.samba.org/...
GENTOO: GLSA-202309-06