AVG-2782 log

Package samba
Status Fixed
Severity High
Type multiple issues
Affected 4.16.3-1
Fixed 4.16.4-1
Current 2:4.21.1-1 [extra]
Ticket None
Created Thu Jul 28 06:59:34 2022
Issue Severity Remote Type Description
CVE-2022-32746 Medium Yes Arbitrary code execution
Samba AD users can induce a use-after-free in the server process with an LDAP add or modify request.
CVE-2022-32745 Medium Yes Unknown
Samba AD users can crash the server process with an LDAP add or modify request.
CVE-2022-32744 High Yes Authentication bypass
Samba AD users can forge password change requests for any user.
CVE-2022-32742 Medium Yes Information disclosure
Server memory information leak via SMB1.
CVE-2022-2031 Medium Yes Access restriction bypass
Samba AD users can bypass certain restrictions associated with changing passwords.
References
https://www.samba.org/samba/history/samba-4.16.4.html