发布于3月6日3月6日 Members Gentoo Linux: CVE-2022-3437: Samba: Multiple Vulnerabilities Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 01/12/2023 Created 09/18/2023 Added 09/18/2023 Modified 01/28/2025 Description A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application, possibly resulting in a denial of service (DoS) attack. Solution(s) gentoo-linux-upgrade-app-crypt-heimdal gentoo-linux-upgrade-net-fs-samba References https://attackerkb.com/topics/cve-2022-3437 CVE - 2022-3437 202309-06 202310-06
参与讨论
你可立刻发布并稍后注册。 如果你有帐户,立刻登录发布帖子。
注意:你的帖子需要版主批准后才能看到。