[CLSA-2026:1777321102] Fix CVE(s): CVE-2022-26923, CVE-2022-32743
Type:
security
Severity:
Important
Release date:
2026-04-27 20:18:28 UTC
Description:
* SECURITY UPDATE: Samba AD DC did not enforce the Validated-DNS-Host-Name write right, allowing an unprivileged authenticated user with machine account write access (e.g. SeMachineAccountPrivilege) to set the dNSHostName attribute to an arbitrary value, bypassing the MS-ADTS requirement that it match .. This primitive is commonly chained with CVE-2022-26923 (Certifried) via AD CS to forge a machine certificate and escalate to Domain Admin. - debian/patches/CVE-2022-32743.patch - CVE-2022-32743
Updated packages:
  • ctdb_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els2_amd64.deb
    sha:6a7c3e2f4e9b60464fe9340b053092e439c49cd4
  • libnss-winbind_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els2_amd64.deb
    sha:3f8880fbb1d029f54926ade9680a30ce50becb4e
  • libpam-winbind_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els2_amd64.deb
    sha:29cb871ccbf25e193e71f39bf70c1e789a4d8a86
  • libsmbclient_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els2_amd64.deb
    sha:e2304416c5b4de16673900a1ddf08b104ab6755d
  • libsmbclient-dev_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els2_amd64.deb
    sha:7e23101c4fd547ff7052abd8259a7ed6f2ea9d9f
  • libwbclient-dev_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els2_amd64.deb
    sha:65b1787ce42f54b6fe4e0f8c79c76e3308f82ca9
  • libwbclient0_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els2_amd64.deb
    sha:e8d27119920f76388672bfd6b55f9439a5d8f80e
  • python3-samba_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els2_amd64.deb
    sha:19ec56e27748aab576285258137432113a97d11c
  • registry-tools_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els2_amd64.deb
    sha:5c22797fafef67ead494e286064918ba431e1312
  • samba_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els2_amd64.deb
    sha:e9c785a7cc7eefe4b7d2ec8197bd8f07a748642e
  • samba-common_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els2_all.deb
    sha:0933a816a2b834d2c7f0ec2ee94f2b7b3e2cda4b
  • samba-common-bin_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els2_amd64.deb
    sha:9dee1e46b5ff6b90da00c2c5b1e36d230d47696b
  • samba-dev_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els2_amd64.deb
    sha:3a163272895ffa8e4e425040143c9fc47ca85309
  • samba-dsdb-modules_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els2_amd64.deb
    sha:50187133539705b2bc7f43dd55fae1f8fefbd33b
  • samba-libs_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els2_amd64.deb
    sha:f0c990f7fa0f3e2f5cf66aeb46ab0006de653edd
  • samba-testsuite_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els2_amd64.deb
    sha:75b0acf3d2053a8ed1049fd99eb578ddfda1cafc
  • samba-vfs-modules_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els2_amd64.deb
    sha:adb45ba2e711c65b13a59b2bd0f50f9b7fa2bce7
  • smbclient_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els2_amd64.deb
    sha:7dee5a6dce271870a85221df5dd8057c7773db46
  • winbind_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els2_amd64.deb
    sha:f342607940d26c5bcaa7c80dbf93456a26cd13b5
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.