{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-45142", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "dateUpdated": "2024-08-03T14:09:56.389Z", "dateReserved": "2022-11-10T00:00:00", "datePublished": "2023-03-06T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2023-10-08T08:06:31.799478"}, "descriptions": [{"lang": "en", "value": "The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding \"!= 0\" comparisons to the result of memcmp. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches (and possibly other branches) a logic inversion sneaked in causing the validation of message integrity codes in gssapi/arcfour to be inverted."}], "affected": [{"vendor": "n/a", "product": "Samba", "versions": [{"version": "unknown", "status": "affected"}]}], "references": [{"url": "https://www.openwall.com/lists/oss-security/2023/02/08/1"}, {"name": "GLSA-202310-06", "tags": ["vendor-advisory"], "url": "https://security.gentoo.org/glsa/202310-06"}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-354", "cweId": "CWE-354"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T14:09:56.389Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.openwall.com/lists/oss-security/2023/02/08/1", "tags": ["x_transferred"]}, {"name": "GLSA-202310-06", "tags": ["vendor-advisory", "x_transferred"], "url": "https://security.gentoo.org/glsa/202310-06"}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:heimdal_project:heimdal:7.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "BCC5903D-5BD2-4BA3-8380-DA8895795C89", "vulnerable": true}, {"criteria": "cpe:2.3:a:heimdal_project:heimdal:7.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "AE3686D9-71B1-498E-8CAD-FEA89B78D6DB", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding \"!= 0\" comparisons to the result of memcmp. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches (and possibly other branches) a logic inversion sneaked in causing the validation of message integrity codes in gssapi/arcfour to be inverted."}], "id": "CVE-2022-45142", "lastModified": "2023-10-08T09:15:11.120", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-03-06T23:15:11.233", "references": [{"source": "secalert@redhat.com", "url": "https://security.gentoo.org/glsa/202310-06"}, {"source": "secalert@redhat.com", "tags": ["Mailing List"], "url": "https://www.openwall.com/lists/oss-security/2023/02/08/1"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-354"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-354"}], "source": "secalert@redhat.com", "type": "Secondary"}]}

{"bugzilla": {"description": "samba: fix introduced a logic inversion", "id": "2166672", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166672"}, "csaw": false, "cwe": "CWE-354", "details": ["The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding \"!= 0\" comparisons to the result of memcmp. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches (and possibly other branches) a logic inversion sneaked in causing the validation of message integrity codes in gssapi/arcfour to be inverted."], "name": "CVE-2022-45142", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "samba", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "samba", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "samba", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "samba", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:storage:3", "fix_state": "Not affected", "package_name": "samba", "product_name": "Red Hat Storage 3"}], "public_date": "2023-02-08T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-45142\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-45142"], "statement": "Samba in RHEL is not compiled to use the Heimdal Kerberos library.\nVersions of Samba shipped in Red Hat Enterprise Linux are compiled to use the system MIT Kerberos using the \"--with-system-mitkrb5\" argument, and these installations are not impacted, as the vulnerable code is not compiled into Samba.", "threat_severity": "Important"}