CVE-2019-12435 in Ubuntu

CVE-2019-12435 (retired)

Priority

Description

Samba 4.9.x before 4.9.9 and 4.10.x before 4.10.5 has a NULL pointer
dereference, leading to Denial of Service. This is related to the AD DC DNS
management server (dnsserver) RPC server process.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12435
https://www.samba.org/samba/security/CVE-2019-12435.html
https://usn.ubuntu.com/usn/usn-4018-1

Bugs

https://bugzilla.samba.org/show_bug.cgi?id=13922

Notes

mdeslaur> 4.9 and 4.10 only

Assigned-to

mdeslaur

Package

Source: samba (LP Ubuntu Debian)

Upstream:	released (4.9.10)
Ubuntu 12.04 ESM (Precise Pangolin):	not-affected
Ubuntu 14.04 ESM (Trusty Tahr):	not-affected
Ubuntu 16.04 LTS (Xenial Xerus):	not-affected (2:4.3.11+dfsg-0ubuntu0.16.04.21)
Ubuntu 18.04 LTS (Bionic Beaver):	not-affected (2:4.7.6+dfsg~ubuntu-0ubuntu2.11)
Ubuntu 18.10 (Cosmic Cuttlefish):	not-affected (2:4.8.4+dfsg-2ubuntu2.4)
Ubuntu 19.04 (Disco Dingo):	released (2:4.10.0+dfsg-0ubuntu2.2)
Ubuntu 19.10 (Eoan):	released (2:4.10.0+dfsg-0ubuntu4)

More Information

Updated: 2019-06-20 17:15:01 UTC (commit 57d5e683ff0c2d17ef8db277d74a43cc2c16972a)