CVE-2022-0336

Name
CVE-2022-0336
Description
The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that account, such as one added when a computer is joined to a domain. An attacker who has the ability to write to an account can exploit this to perform a denial-of-service attack by adding an SPN that matches an existing service. Additionally, an attacker who can intercept traffic can impersonate existing services, resulting in a loss of confidentiality and integrity.
NVD Severity
high
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://www.samba.org/samba/security/CVE-2022-0336.html
MISC https://access.redhat.com/security/cve/CVE-2022-0336
MISC https://github.com/samba-team/samba/commit/1a5dc817c0c9379bbaab14c676681b42b0039a3c
MISC https://bugzilla.redhat.com/show_bug.cgi?id=2046134
MISC https://github.com/samba-team/samba/commit/c58ede44f382bd0125f761f0479c8d48156be400
MISC https://bugzilla.samba.org/show_bug.cgi?id=14950
GENTOO https://security.gentoo.org/glsa/202309-06

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:* samba >= 4.14.0 < 4.14.12
cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:* samba >= 4.15.0 < 4.15.4
cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:* samba >= 4.0.0 < 4.13.17

Vulnerable and fixed packages

Source package Branch Version Maintainer Status