CVE-2019-12436 (retired)

Priority
Description
Samba 4.10.x before 4.10.5 has a NULL pointer dereference, leading to an AD
DC LDAP server Denial of Service. This is related to an attacker using the
paged search control. The attacker must have directory read access in order
to attempt an exploit.
Notes
 mdeslaur> 4.10 only
Assigned-to
mdeslaur
Package
Source: samba (LP Ubuntu Debian)
Upstream:released (4.9.10)
Ubuntu 12.04 ESM (Precise Pangolin):not-affected
Ubuntu 14.04 ESM (Trusty Tahr):not-affected
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (2:4.3.11+dfsg-0ubuntu0.16.04.21)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (2:4.7.6+dfsg~ubuntu-0ubuntu2.11)
Ubuntu 18.10 (Cosmic Cuttlefish):not-affected (2:4.8.4+dfsg-2ubuntu2.4)
Ubuntu 19.04 (Disco Dingo):released (2:4.10.0+dfsg-0ubuntu2.2)
Ubuntu 19.10 (Eoan):released (2:4.10.0+dfsg-0ubuntu4)
More Information

Updated: 2019-06-20 17:15:01 UTC (commit 57d5e683ff0c2d17ef8db277d74a43cc2c16972a)