CVE-2020-10700

Priority
Description
A use-after-free flaw was found in the way samba AD DC LDAP servers,
handled 'Paged Results' control is combined with the 'ASQ' control. A
malicious user in a samba AD could use this flaw to cause denial of
service. This issue affects all samba versions before 4.10.15, before
4.11.8 and before 4.12.2.
Assigned-to
mdeslaur
Notes
mdeslaurSamba 4.10.0 and later
Package
Source: samba (LP Ubuntu Debian)
Upstream:released (4.10.15,4.11.8,4.12.2)
Ubuntu 12.04 ESM (Precise Pangolin):not-affected (code not present)
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (code not present)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (code not present)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (code not present)
Ubuntu 19.10 (Eoan Ermine):released (2:4.10.7+dfsg-0ubuntu2.5)
Ubuntu 20.04 LTS (Focal Fossa):released (2:4.11.6+dfsg-0ubuntu1.1)
Ubuntu 20.10 (Groovy Gorilla):released (2:4.11.6+dfsg-0ubuntu1.1)
More Information

Updated: 2020-05-14 07:16:03 UTC (commit 89fffdbcf9e2d0786adaaeab7de41eba1e24b552)