CVE-2019-12435 in Ubuntu

CVE-2019-12435

Priority

Description

Samba 4.9.x before 4.9.9 and 4.10.x before 4.10.5 has a NULL pointer
dereference, leading to Denial of Service. This is related to the AD DC DNS
management server (dnsserver) RPC server process.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12435
https://www.samba.org/samba/security/CVE-2019-12435.html
https://usn.ubuntu.com/usn/usn-4018-1

Bugs

https://bugzilla.samba.org/show_bug.cgi?id=13922

Assigned-to

mdeslaur

Notes

mdeslaur

4.9 and 4.10 only

Package

Source: samba (LP Ubuntu Debian)

Upstream:	released (4.9.10)
Ubuntu 12.04 ESM (Precise Pangolin):	not-affected
Ubuntu 14.04 ESM (Trusty Tahr):	not-affected
Ubuntu 16.04 LTS (Xenial Xerus):	not-affected (2:4.3.11+dfsg-0ubuntu0.16.04.21)
Ubuntu 18.04 LTS (Bionic Beaver):	not-affected (2:4.7.6+dfsg~ubuntu-0ubuntu2.11)
Ubuntu 19.04 (Disco Dingo):	released (2:4.10.0+dfsg-0ubuntu2.2)
Ubuntu 19.10 (Eoan Ermine):	released (2:4.10.0+dfsg-0ubuntu4)

More Information

Updated: 2019-12-05 21:09:47 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)