Heap-based Buffer Overflow
CVE-2022-3437
Summary
A heap-based buffer overflow vulnerability was found in Samba versions from 3.4.0pre1 and prior to 4.15.11, 4.16.x prior to 4.16.6, and 4.17.x prior to 4.17.2, within the GSSAPI "unwrap_des()" and "unwrap_des3()" routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on "malloc()" allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application, possibly resulting in a denial of service (DoS). Heimdal before 7.7.1 also has a similar bug.
- LOW
- NETWORK
- NONE
- UNCHANGED
- NONE
- LOW
- NONE
- HIGH
CWE-122 - Heap-based Buffer Overflow
A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
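The summary attributes the overflow to a packet that is too small for the unwrap routine. The following added example is not Heimdal or Samba code: it uses a constructed toy token layout (the names HDR_LEN, BLOCK, unchecked_payload_len and unwrap_checked are assumptions) to show how unsigned length arithmetic wraps on an undersized token, and the minimum-length and padding checks that reject it before any heap copy.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define HDR_LEN 16u /* constructed: fixed header size of this toy token */
#define BLOCK    8u /* DES block size; padding is 1..8 bytes */

/* Unchecked form: size_t arithmetic wraps when the token is shorter
 * than the header, yielding a huge "payload length". */
static size_t unchecked_payload_len(size_t tok_len)
{
    return tok_len - HDR_LEN;
}

/* Checked form: returns 0 and a malloc()ed copy of the payload, or -1
 * when the token is too small or its padding is inconsistent. */
static int unwrap_checked(const uint8_t *tok, size_t tok_len,
                          uint8_t **out, size_t *out_len)
{
    size_t body, pad;
    *out = NULL;
    *out_len = 0;
    if (tok == NULL || tok_len < HDR_LEN + BLOCK) /* header + one block */
        return -1;
    body = tok_len - HDR_LEN;                     /* cannot wrap here */
    if (body % BLOCK != 0)
        return -1;
    pad = tok[tok_len - 1];                       /* last byte = pad count */
    if (pad < 1 || pad > BLOCK)
        return -1;
    *out_len = body - pad;
    *out = malloc(*out_len ? *out_len : 1);
    if (*out == NULL)
        return -1;
    memcpy(*out, tok + HDR_LEN, *out_len);
    return 0;
}

int main(void)
{
    uint8_t tok[HDR_LEN + BLOCK] = {0};           /* constructed sample token */
    uint8_t *p; size_t n; int rc;
    memcpy(tok + HDR_LEN, "hello", 5);
    memset(tok + HDR_LEN + 5, 3, 3);              /* three pad bytes of value 3 */
    printf("4-byte token: rc=%d\n", unwrap_checked(tok, 4, &p, &n));
    rc = unwrap_checked(tok, sizeof tok, &p, &n);
    printf("full token: rc=%d len=%zu\n", rc, n);
    free(p);
    return 0;
}
```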
Advisory Timeline
- Published