CVE-2022-42898

Note

Per upstream Samba advisory, this is only an issue on 32-bit
systems.
a regression in heimdal was reported by samba and fixed in
https://github.com/heimdal/heimdal/pull/1025
See samba bug for samba regression fix not yet commited
The focal samba update was temporarily reverted by USN 5822-2
because it introduced regressions. It was later updated again
with USN 5936-1.

Package	Release	Status
heimdal Launchpad, Ubuntu, Debian	bionic	Released (7.5.0+dfsg-1ubuntu0.3)
	trusty	Released (1.6~git20131207+dfsg-1ubuntu1.2+esm3) Available with Ubuntu Pro or Ubuntu Pro (Infra-only)
	xenial	Released (1.7~git20150920+dfsg-4ubuntu1.16.04.1+esm3) Available with Ubuntu Pro or Ubuntu Pro (Infra-only)
	jammy	Needed
	kinetic	Ignored (end of life, was needed)
	upstream	Released (7.7.1, 7.8, 7.8.git20221115.a6cf945+dfsg-1)
	focal	Released (7.7.0+dfsg-1ubuntu1.3)
	lunar	Needed
	Patches: upstream: https://github.com/heimdal/heimdal/commit/b90b219ab8faa6bb0e7c2e7aa241aa7eeab0adac upstream: https://github.com/heimdal/heimdal/commit/0c56257bdac80da015878fffdb0f8a42b8d73246 (7.7.1) upstream: https://github.com/heimdal/heimdal/commit/9d1bfab9882d0aa14ae0981e6667c93db93ffc5d (regression)
	Binaries built from this source package are in Universe and so are supported by the community.
samba Launchpad, Ubuntu, Debian	upstream	Released (2:4.17.3+dfsg-1,4.17.3,4.16.7,4.15.12)
	bionic	Needed
	focal	Released (2:4.15.13+dfsg-0ubuntu0.20.04.1)
	jammy	Released (2:4.15.13+dfsg-0ubuntu1)
	kinetic	Released (2:4.16.8+dfsg-0ubuntu1)
	trusty	Needed
	xenial	Needs triage
	lunar	Not vulnerable (2:4.17.3+dfsg-3ubuntu1)
	Patches: upstream: https://git.samba.org/?p=samba.git;a=commit;h=a8ef840d4362d3ffeab13c1d5fea417511b727c2 (4.16.7) upstream: https://git.samba.org/?p=samba.git;a=commit;h=8369aee33a0b3de10485dc72223f4653585e3a79 (4.15.12) upstream: https://git.samba.org/?p=samba.git;a=commit;h=f792d3e3906414d836d186ec279586c13a83ba8d (4.15.12) upstream: https://git.samba.org/?p=samba.git;a=commit;h=9c909c57ce7abacd96ba18173a9dc4ba9a7c0230 (4.15.12) upstream: https://git.samba.org/?p=samba.git;a=commit;h=a3816433ae971830c2b16b366b10283aeb5a87b5 (4.15.12) upstream: https://git.samba.org/?p=samba.git;a=commit;h=f3672577a8e15b7937d0067a262d04df632dade9 (4.15.13 regre)
krb5 Launchpad, Ubuntu, Debian	upstream	Released (1.20.1-1, 1.20.1, 1.19.4)
	kinetic	Released (1.20-1ubuntu0.1)
	trusty	Released (1.12+dfsg-2ubuntu5.4+esm3) Available with Ubuntu Pro or Ubuntu Pro (Infra-only)
	xenial	Released (1.13.2+dfsg-5ubuntu2.2+esm3) Available with Ubuntu Pro or Ubuntu Pro (Infra-only)
	focal	Released (1.17-6ubuntu4.2)
	jammy	Released (1.19.2-2ubuntu0.1)
	bionic	Released (1.16-2ubuntu0.3)
	lunar	Not vulnerable (1.20.1-1build1)
	Patches: upstream: https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583 (master) upstream: https://github.com/krb5/krb5/commit/b99de751dd35360c0fccac74a40f4a60dbf1ceea (1.20) upstream: https://github.com/krb5/krb5/commit/4e661f0085ec5f969c76c0896a34322c6c432de4 (1.19)
	Binaries built from this source package are in Universe and so are supported by the community.

Parameter	Value
Base score	8.8
Attack vector	Network
Attack complexity	Low
Privileges required	Low
User interaction	None
Scope	Unchanged
Confidentiality	High
Integrity impact	High
Availability impact	High
Vector	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Security

CVE-2022-42898

Notes

Priority

Cvss 3 Severity Score

Status

Severity score breakdown

References

Bugs

Join the discussion

Canonical is offering Expanded Security Maintenance

Further reading