CVE-2022-45141
Publication date 16 December 2022
Last updated 30 June 2025
Ubuntu priority
Description
Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96).
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| samba | 25.04 plucky |
Not affected
|
| 24.04 LTS noble |
Not affected
|
|
| 22.04 LTS jammy |
Fixed 2:4.15.13+dfsg-0ubuntu1
|
|
| 20.04 LTS focal |
Fixed 2:4.15.13+dfsg-0ubuntu0.20.04.1
|
|
| 18.04 LTS bionic |
Fixed 2:4.7.6+dfsg~ubuntu-0ubuntu2.29+esm1
|
|
| 16.04 LTS xenial |
Fixed 2:4.3.11+dfsg-0ubuntu0.16.04.34+esm2
|
|
| 14.04 LTS trusty |
Not affected
|
Get expanded security coverage with Ubuntu Pro
Reduce your average CVE exposure time from 98 days to 1 day with expanded CVE patching, ten-years security maintenance and optional support for the full stack of open-source applications. Free for personal use.
Get Ubuntu Pro 30-day free trialNotes
mdeslaur
only affects 4.15.x and earlier The focal samba update was temporarily reverted by USN 5822-2 because it introduced regressions. It was later updated again with USN 5936-1.
Patch details
| Package | Patch details |
|---|---|
| samba |
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score |
9.8 · Critical
|
| Attack vector | Network |
| Attack complexity | Low |
| Privileges required | None |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | High |
| Availability impact | High |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
References
Related Ubuntu Security Notices (USN)
- USN-5822-1
- Samba vulnerabilities
- 24 January 2023
- USN-5936-1
- Samba vulnerabilities
- 8 March 2023
- USN-7582-1
- Samba vulnerabilities
- 19 June 2025