What the vulnerability does

01Description

A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing server memory contents to be written into the file (or printer) instead of client-supplied data. The client cannot control the area of the server memory written to the file (or printer).

Key dates

02Disclosure timeline

August 25, 2022 CVE published
August 3, 2024 Record updated