Launchpad CVE tracker

CVE 2022-32744

A flaw was found in Samba. The KDC accepts kpasswd requests encrypted with any key known to it. By encrypting forged kpasswd requests with its own key, a user can change other users' passwords, enabling full domain takeover.

Related bugs and status

CVE-2022-32744 (Candidate) is related to these bugs:

Bug #1981414: Cannot rename/move files on DFS through libsmbclient

		In	Importance	Status
1981414	Cannot rename/move files on DFS through libsmbclient	samba (Ubuntu)	Undecided	Fix Released
1981414	Cannot rename/move files on DFS through libsmbclient	samba	Unknown	Unknown
1981414	Cannot rename/move files on DFS through libsmbclient	samba (Ubuntu Jammy)	Undecided	Fix Released
1981414	Cannot rename/move files on DFS through libsmbclient	samba (Ubuntu Focal)	Undecided	Fix Released
1981414	Cannot rename/move files on DFS through libsmbclient	samba (Ubuntu Kinetic)	Undecided	Fix Released
1981414	Cannot rename/move files on DFS through libsmbclient	samba (Ubuntu Impish)	Undecided	Won't Fix
1981414	Cannot rename/move files on DFS through libsmbclient	samba (Ubuntu Bionic)	Undecided	Won't Fix

Bug #1994111: Debian CVE-2022-32744 / CVE-2022-2031: samba: multiple CVEs

Summary				In	Importance	Status
	1994111	Debian CVE-2022-32744 / CVE-2022-2031: samba: multiple CVEs		StarlingX	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://www.samba.org/...
GENTOO: GLSA-202309-06

Launchpad.net

CVE 2022-32744

Related bugs and status

Related bugs

References