Launchpad.net

CVE 2022-32742

A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing server memory contents to be written into the file (or printer) instead of client-supplied data. The client cannot control the area of the server memory written to the file (or printer).

Related bugs and status

CVE-2022-32742 (Candidate) is related to these bugs:

Bug #1981414: Cannot rename/move files on DFS through libsmbclient

		In	Importance	Status
1981414	Cannot rename/move files on DFS through libsmbclient	samba (Ubuntu)	Undecided	Fix Released
1981414	Cannot rename/move files on DFS through libsmbclient	samba	Unknown	Unknown
1981414	Cannot rename/move files on DFS through libsmbclient	samba (Ubuntu Jammy)	Undecided	Fix Released
1981414	Cannot rename/move files on DFS through libsmbclient	samba (Ubuntu Focal)	Undecided	Fix Released
1981414	Cannot rename/move files on DFS through libsmbclient	samba (Ubuntu Kinetic)	Undecided	Fix Released
1981414	Cannot rename/move files on DFS through libsmbclient	samba (Ubuntu Impish)	Undecided	Won't Fix
1981414	Cannot rename/move files on DFS through libsmbclient	samba (Ubuntu Bionic)	Undecided	Won't Fix

See the

CVE page on Mitre.org for more details.

References

MISC: https://www.samba.org/...
GENTOO: GLSA-202309-06