SUSE-SU-2022:2582-1

Advisory lineage Upstream: 5 Downstream: 0
Published: 29 Jul 2022, 08:25
Last modified:04 Feb 2026, 04:36

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

29 Jul 2022, 08:25
Published
Vulnerability first disclosed
04 Feb 2026, 04:36
Last Modified
Vulnerability information updated

Description

Security update for samba This update for samba fixes the following issues: - CVE-2022-32746: Fixed a use-after-free occurring in database audit logging (bsc#1201490). - CVE-2022-32745: Fixed a remote server crash with an LDAP add or modify request (bsc#1201492). - CVE-2022-2031: Fixed AD restrictions bypass associated with changing passwords (bsc#1201495). - CVE-2022-32742: Fixed a memory leak in SMB1 (bsc#1201496). - CVE-2022-32744: Fixed an arbitrary password change request for any AD user (bsc#1201493). The following non-security bugs were fixed: - netgroups support removed; (bso#15087); (bsc#1199247). - net ads info shows LDAP Server: 0.0.0.0 depending on contacted server; (bso#14674); (bsc#1199734). - smbclient commands del and deltree fail with NT_STATUS_OBJECT_PATH_NOT_FOUND with DFS; (bso#15100); (bsc#1200556). - move pdb backends from package samba-libs to package samba-client-libs and remove samba-libs requirement from samba-winbind; (bsc#1200964); (bsc#1198255);

Affected Systems

  • susesamba&distro=SUSE Linux Enterprise High Availability Extension 12 SP5

    < 4.15.8+git.462.e73f4310487-3.68.1

  • susesamba&distro=SUSE Linux Enterprise Server 12 SP5

    < 4.15.8+git.462.e73f4310487-3.68.1

  • susesamba&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP5

    < 4.15.8+git.462.e73f4310487-3.68.1

  • susesamba&distro=SUSE Linux Enterprise Software Development Kit 12 SP5

    < 4.15.8+git.462.e73f4310487-3.68.1

References (16)