CVE-2022-32742 : samba - Server memory information leak via SMB1
Versions Affected : All versions prior to TrueNAS Core 13.0-U2 and TrueNAS SCALE 22.02.3
Description
All versions of Samba with SMB1 enabled are vulnerable to a server memory information leak bug over SMB1 if a client can write data to a share.
Some SMB1 write requests were not correctly range checked to ensure the client had sent enough data to fulfill the write, allowing server memory contents to be written into the file (or printer) instead of client supplied data. The client cannot control the area of the server memory that is written to the file (or printer)
CVSS
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Base score 4.3
Workaround
Disable SMB1 if in use. Systems that do not use SMB1 are not vulnerable.
Mitigation
- Upgrade to TrueNAS SCALE 13.0-U2 or TrueNAS SCALE 22.02.3 or later