CVE-2022-32746

medium

Description

A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes, such as userAccountControl.

References

https://www.samba.org/samba/security/CVE-2022-32746.html

Details

Source: MITRE

Published: 2022-08-25

Updated: 2022-08-30

Type: CWE-416