Several vulnerabilities have been discovered in Samba, an SMB/CIFS file,
print, and login server for Unix.

Luke Howard reported that Samba AD users can bypass certain
restrictions associated with changing passwords. A user who has been
requested to change their password can exploit this to obtain and
use tickets to other services.

Luca Moro reported that an SMB1 client with write access to a share
can cause server memory content to be leaked.

Joseph Sutton reported that Samba AD users can forge password change
requests for any user, resulting in privilege escalation.

Joseph Sutton reported that Samba AD users can crash the server
process with a specially crafted LDAP add or modify request.

Joseph Sutton and Andrew Bartlett reported that Samba AD users can
cause a use-after-free in the server process with a specially
crafted LDAP add or modify request.

For the stable distribution (bullseye), these problems have been fixed in
version 2:4.13.13+dfsg-1~deb11u5. The fix for CVE-2022-32745 required an
update to ldb 2:2.2.3-2~deb11u2 to correct the defect.

We recommend that you upgrade your samba packages.