PublicDateAtUSN: 2021-10-12 18:15:00 UTC
Candidate: CVE-2021-3671
PublicDate: 2021-10-12 18:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
 https://ubuntu.com/security/notices/USN-5142-1
 https://ubuntu.com/security/notices/USN-5174-1
Description:
 A null pointer de-reference was found in the way samba kerberos server
 handled missing sname in TGS-REQ (Ticket Granting Server - Request). An
 authenticated user could use this flaw to crash the samba server.
Ubuntu-Description:
Notes:
 mdeslaur> same as CVE-2021-37750 for MIT krb5
Mitigation:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=996586
 https://bugzilla.redhat.com/show_bug.cgi?id=2013080
 https://bugzilla.samba.org/show_bug.cgi?id=14770
Priority: low
Discovered-by: Joseph Sutton
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H [6.5 MEDIUM]

Patches_heimdal:
 upstream: https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
 upstream: https://github.com/heimdal/heimdal/commit/773802aecfb4b6a73817fa522faeb55b2a7cdb2a
upstream_heimdal: needs-triage
trusty/esm_heimdal: needed
esm-infra/xenial_heimdal: needed
trusty_heimdal: ignored (out of standard support)
xenial_heimdal: ignored (out of standard support)
bionic_heimdal: needed
focal_heimdal: needed
hirsute_heimdal: ignored (reached end-of-life)
impish_heimdal: needed
jammy_heimdal: needs-triage
devel_heimdal: needs-triage

Patches_samba:
 upstream: https://gitlab.com/samba-team/samba/-/commit/0cb4b939f192376bf5e33637863a91a20f74c5a5
upstream_samba: released (4.13.13)
trusty/esm_samba: needed
esm-infra/xenial_samba: needed
trusty_samba: ignored (out of standard support)
xenial_samba: ignored (out of standard support)
bionic_samba: released (2:4.7.6+dfsg~ubuntu-0ubuntu2.26)
focal_samba: released (2:4.13.14+dfsg-0ubuntu0.20.04.1)
hirsute_samba: released (2:4.13.14+dfsg-0ubuntu0.21.04.1)
impish_samba: released (2:4.13.14+dfsg-0ubuntu0.21.10.1)
jammy_samba: released (2:4.13.14+dfsg-0ubuntu1)
devel_samba: released (2:4.13.14+dfsg-0ubuntu1)