Launchpad CVE tracker

CVE 2022-3437

A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application, possibly resulting in a denial of service (DoS) attack.

Related bugs and status

CVE-2022-3437 (Candidate) is related to these bugs:

Bug #2003867: Samba user home path not accessible if directory added after %U - canonicalize_connect_path failed

Summary				In	Importance	Status
	2003867	Samba user home path not accessible if directory added after %U - canonicalize_connect_path failed		samba (Ubuntu)	Critical	Fix Released

Bug #2003891: Can not authenticate on Windows after upgrading samba AD packages to version 2:4.13.17~dfsg-0ubuntu1.20.04.4

Summary				In	Importance	Status
	2003891	Can not authenticate on Windows after upgrading samba AD packages to version 2:4.13.17~dfsg-0ubuntu1.20.04.4		samba (Ubuntu)	Critical	Fix Released

Bug #2058868: [Debian] High CVE: CVE-2022-2127/CVE-2022-3437/CVE-2023-34966/CVE-2023-34967/CVE-2023-34968 samba : multiple CVEs

Summary				In	Importance	Status
	2058868	[Debian] High CVE: CVE-2022-2127/CVE-2022-3437/CVE-2023-34966/CVE-2023-34967/CVE-2023-34968 samba : multiple CVEs		StarlingX	High	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2022-3437

References