Search for vulnerabilities
Vulnerability details: VCID-ns51-gxba-fuf2
Vulnerability ID VCID-ns51-gxba-fuf2
Aliases CVE-2022-32742
Summary A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing server memory contents to be written into the file (or printer) instead of client-supplied data. The client cannot control the area of the server memory written to the file (or printer).
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
System Score Found at
cvssv3 4.3 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32742.json
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.002 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.002 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.002 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.002 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.002 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.002 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.002 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
epss 0.002 https://api.first.org/data/v1/epss?cve=CVE-2022-32742
cvssv3.1 4.3 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1 4.3 https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html
ssvc Track https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html
cvssv3.1 4.3 https://nvd.nist.gov/vuln/detail/CVE-2022-32742
archlinux High https://security.archlinux.org/AVG-2782
cvssv3.1 4.3 https://security.gentoo.org/glsa/202309-06
ssvc Track https://security.gentoo.org/glsa/202309-06
cvssv3.1 4.3 https://www.samba.org/samba/security/CVE-2022-32742.html
ssvc Track https://www.samba.org/samba/security/CVE-2022-32742.html
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32742.json
https://api.first.org/data/v1/epss?cve=CVE-2022-32742
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2031
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32742
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32744
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32745
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32746
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
1016449 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016449
202309-06 https://security.gentoo.org/glsa/202309-06
2108196 https://bugzilla.redhat.com/show_bug.cgi?id=2108196
AVG-2782 https://security.archlinux.org/AVG-2782
cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
CVE-2022-32742 https://nvd.nist.gov/vuln/detail/CVE-2022-32742
CVE-2022-32742.html https://www.samba.org/samba/security/CVE-2022-32742.html
msg00015.html https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html
RHSA-2022:7056 https://access.redhat.com/errata/RHSA-2022:7056
RHSA-2022:7111 https://access.redhat.com/errata/RHSA-2022:7111
RHSA-2022:8317 https://access.redhat.com/errata/RHSA-2022:8317
USN-5542-1 https://usn.ubuntu.com/5542-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32742.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T19:44:06Z/ Found at https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2022-32742
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://security.gentoo.org/glsa/202309-06
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T19:44:06Z/ Found at https://security.gentoo.org/glsa/202309-06
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://www.samba.org/samba/security/CVE-2022-32742.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T19:44:06Z/ Found at https://www.samba.org/samba/security/CVE-2022-32742.html
Exploit Prediction Scoring System (EPSS)
Percentile 0.39157
EPSS Score 0.00172
Published At July 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:28:29.968231+00:00 Alpine Linux Importer Import https://secdb.alpinelinux.org/v3.18/main.json 37.0.0