CVE-2020-10704

Priority
Description
A flaw was found when using samba as an Active Directory Domain Controller.
Due to the way samba handles certain requests as an Active Directory Domain
Controller LDAP server, an unauthorized user can cause a stack overflow
leading to a denial of service. The highest threat from this vulnerability
is to system availability. This issue affects all samba versions before
4.10.15, before 4.11.8 and before 4.12.2.
Assigned-to
mdeslaur
Notes
Package
Source: samba (LP Ubuntu Debian)
Upstream:released (4.10.15,4.11.8,4.12.2)
Ubuntu 12.04 ESM (Precise Pangolin):not-affected
Ubuntu 14.04 ESM (Trusty Tahr):released (2:4.3.11+dfsg-0ubuntu0.14.04.20+esm6)
Ubuntu 16.04 LTS (Xenial Xerus):released (2:4.3.11+dfsg-0ubuntu0.16.04.26)
Ubuntu 18.04 LTS (Bionic Beaver):released (2:4.7.6+dfsg~ubuntu-0ubuntu2.16)
Ubuntu 19.10 (Eoan Ermine):released (2:4.10.7+dfsg-0ubuntu2.5)
Ubuntu 20.04 LTS (Focal Fossa):released (2:4.11.6+dfsg-0ubuntu1.1)
Ubuntu 20.10 (Groovy Gorilla):released (2:4.11.6+dfsg-0ubuntu1.1)
More Information

Updated: 2020-05-14 07:16:06 UTC (commit 89fffdbcf9e2d0786adaaeab7de41eba1e24b552)