Samba has released versions 4.17.3, 4.16.7, and 4.15.12 to fix a security vulnerability (CVE-2022-42898) on 32-bit systems.

Based on the released statement by Samba, all versions of Samba prior to 4.15.12, 4.16.7, and 4.17.3 are affected by this security flaw.


A. Nature of the Vulnerability


Samba’s Kerberos libraries and AD DC failed to guard against integer overflows when parsing a PAC on a 32-bit system, which allowed an attacker with a forged PAC to corrupt the heap.
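The following is an added illustration of the bug class named above, not Samba's PAC parser or any code from the advisory. It uses a constructed record layout (a 32-bit entry count followed by fixed-size entries) and emulates 32-bit size arithmetic with `uint32_t`, so it behaves the same on any host. The weak check multiplies first and compares second, which a wrapping product defeats; the hardened check rejects any count whose product cannot be represented before it multiplies, so the bounded copy that follows cannot write past the heap allocation.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed layout for illustration (not Samba's PAC format):
 *   [4 bytes: entry_count, little-endian][entry_count * ENTRY_SIZE bytes]
 */
#define ENTRY_SIZE 8u

/* Read a little-endian 32-bit count from the header. */
static uint32_t read_le32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Weak check: the product is computed in 32-bit arithmetic, which is what
 * size_t gives on a 32-bit build. A large count wraps the product to a small
 * value, so the comparison passes although the body cannot hold the entries. */
bool entries_fit_weak(uint32_t count, uint32_t body_len) {
    uint32_t needed = count * ENTRY_SIZE;   /* may wrap modulo 2^32 */
    return needed <= body_len;
}

/* Hardened check: refuse any count whose product would overflow before
 * multiplying, so the comparison is made on the true size. */
bool entries_fit_safe(uint32_t count, uint32_t body_len) {
    if (count > UINT32_MAX / ENTRY_SIZE)
        return false;
    return count * ENTRY_SIZE <= body_len;
}

/* Parse with the hardened check. Copies the entries into a fresh heap buffer
 * and returns the entry count, or -1 if the header is inconsistent with the
 * buffer length. The caller frees *out on success. */
long parse_entries_safe(const uint8_t *buf, uint32_t len, uint8_t **out) {
    *out = NULL;
    if (len < 4)
        return -1;
    uint32_t count = read_le32(buf);
    uint32_t body_len = len - 4;
    if (!entries_fit_safe(count, body_len))
        return -1;
    size_t total = (size_t)count * ENTRY_SIZE;   /* cannot overflow: checked above */
    uint8_t *dst = malloc(total ? total : 1);
    if (!dst)
        return -1;
    memcpy(dst, buf + 4, total);
    *out = dst;
    return (long)count;
}

/* Constructed header declaring 0x20000001 entries: 0x20000001 * 8 is
 * 0x100000008, which wraps to 8 in 32-bit arithmetic. */
static const uint8_t WRAPPING_HEADER[4] = {0x01, 0x00, 0x00, 0x20};

uint32_t wrapping_count(void) { return read_le32(WRAPPING_HEADER); }

/* Well-formed sample: 2 entries, 16 bytes of body. Returns the parsed count. */
long parse_good_sample(void) {
    uint8_t buf[4 + 2 * ENTRY_SIZE] = {0x02, 0x00, 0x00, 0x00};
    uint8_t *out = NULL;
    long n = parse_entries_safe(buf, sizeof buf, &out);
    free(out);
    return n;
}

/* Same 16-byte body, but with the wrapping header. Returns -1 when rejected. */
long parse_wrapping_sample(void) {
    uint8_t buf[4 + 2 * ENTRY_SIZE] = {0};
    memcpy(buf, WRAPPING_HEADER, 4);
    uint8_t *out = NULL;
    long n = parse_entries_safe(buf, sizeof buf, &out);
    free(out);
    return n;
}

int main(void) {
    uint32_t c = wrapping_count();
    printf("weak check accepts wrapped count: %s\n", entries_fit_weak(c, 16) ? "yes" : "no");
    printf("safe check accepts wrapped count: %s\n", entries_fit_safe(c, 16) ? "yes" : "no");
    printf("good sample parsed entries: %ld\n", parse_good_sample());
    printf("wrapping sample result: %ld\n", parse_wrapping_sample());
    return 0;
}
```

The point to take from the two checks is that on a 32-bit build `count * size` is the untrusted quantity, not `count`: any comparison made after the multiplication is made against a value the input controls. Checking `count > MAX / size` first (or using a checked-multiply helper) is the usual fix, and it is the kind of guard the patched Samba releases add.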


B. Actions to be Taken

  • CERT-PH encourages all Samba users/administrators running versions prior to 4.17.3, 4.16.7 and 4.15.12 to review and apply the updates to mitigate future threats.
  • For additional information, kindly refer to the official advisory:
    • <>