Samba 32-Bit Systems Buffer Overflow

Oct 10, 2023

Summary

An integer overflow vulnerability in Kerberos PAC parsing could allow an authenticated attacker to cause a denial of service or potentially execute arbitrary code.

Vulnerability ID	Vulnerability Overview
CVE-2022-42898	An integer overflow vulnerability exists in the PAC (Privilege Attribute Certificate) parsing mechanism within MIT Kerberos 5 (krb5) and Heimdal. An authenticated attacker can exploit this flaw by sending a specially crafted PAC to a KDC, kadmind, or a GSS/Kerberos application server (such as Samba). On 32-bit systems, this can cause a heap-based buffer overflow leading to remote code execution. On 64-bit systems, it typically results in an out-of-bounds read that causes a daemon crash (denial of service).

Vulnerability ID

Vulnerability Overview

CVE-2022-42898

An integer overflow vulnerability exists in the PAC (Privilege Attribute Certificate) parsing mechanism within MIT Kerberos 5 (krb5) and Heimdal. An authenticated attacker can exploit this flaw by sending a specially crafted PAC to a KDC, kadmind, or a GSS/Kerberos application server (such as Samba). On 32-bit systems, this can cause a heap-based buffer overflow leading to remote code execution. On 64-bit systems, it typically results in an out-of-bounds read that causes a daemon crash (denial of service).

Affected Supported TeraStations

TS7010
TS6000
TS5020 / TS5010
TS3020 / TS3010

Back to Security Notices

Date	Description
10/10/2023	Initial release

Back to Security Notices

Network Attached Storage

Portable Solid State Drive (SSD)

External Hard Drives

While Supplies Last

Optical Drives

Multi-Gigabit Switches

Accessories

View All

Latest Article

Buffalo Americas Product Life Cycle Status Change Notice - BS-MP2008 & BS-MP2012 Business Switches

Samba 32-Bit Systems Buffer Overflow