git.samba.org / samba.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: fc03cf9) | patch
CVE-2022-2031 auth: Add ticket type field to auth_user_info_dc and auth_session_info
authorJoseph Sutton <josephsutton@catalyst.net.nz>
Fri, 10 Jun 2022 07:18:07 +0000 (19:18 +1200)
committerJule Anger <janger@samba.org>
Wed, 27 Jul 2022 10:52:36 +0000 (10:52 +0000)
commit6a10e890a086b4dc05d460ef3e0c2cd9cd8f1f42
treea5b45a95d2259bea084427a59513454067ea527ftree
parentfc03cf9f4547bf8164f61138d0211b866d36a956commit | diff
CVE-2022-2031 auth: Add ticket type field to auth_user_info_dc and auth_session_info

This field may be used to convey whether we were provided with a TGT or
a non-TGT. We ensure both structures are zeroed out to avoid incorrect
results being produced by an uninitialised field.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15047
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15049

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
auth/auth_sam_reply.c diff | blob | history
auth/auth_util.c diff | blob | history
librpc/idl/auth.idl diff | blob | history
source4/auth/ntlm/auth_developer.c diff | blob | history
source4/auth/sam.c diff | blob | history
source4/auth/session.c diff | blob | history
source4/auth/system_session.c diff | blob | history
Samba Shared Repository