CVE-2022-32742 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	Yes
Type	Information disclosure
Description	Server memory information leak via SMB1.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-2782	samba	4.16.3-1	4.16.4-1	High	Fixed

References
https://www.samba.org/samba/security/CVE-2022-32742.html

Notes
This is an SMB1-only vulnerability. Since Samba release 4.11.0 SMB1 has been disabled by default. We do not recommend enabling SMB1 server support. For Samba versions prior to 4.11.0 please disable SMB1 by adding `server min protocol = SMB2_02` to the [global] section of your smb.conf and restarting smbd.

Notes

This is an SMB1-only vulnerability. Since Samba release 4.11.0 SMB1 has been disabled by default. We do not recommend enabling SMB1 server support. For Samba versions prior to 4.11.0 please disable SMB1 by adding `server min protocol = SMB2_02` to the [global] section of your smb.conf and restarting smbd.