CVE-2019-12436

Priority
Description
Samba 4.10.x before 4.10.5 has a NULL pointer dereference, leading to an AD
DC LDAP server Denial of Service. This is related to an attacker using the
paged search control. The attacker must have directory read access in order
to attempt an exploit.
Assigned-to
mdeslaur
Notes
mdeslaur4.10 only
Package
Source: samba (LP Ubuntu Debian)
Upstream:released (4.9.10)
Ubuntu 12.04 ESM (Precise Pangolin):not-affected
Ubuntu 14.04 ESM (Trusty Tahr):not-affected
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (2:4.3.11+dfsg-0ubuntu0.16.04.21)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (2:4.7.6+dfsg~ubuntu-0ubuntu2.11)
Ubuntu 19.04 (Disco Dingo):released (2:4.10.0+dfsg-0ubuntu2.2)
Ubuntu 19.10 (Eoan Ermine):released (2:4.10.0+dfsg-0ubuntu4)
More Information

Updated: 2019-12-05 21:09:47 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)