High severity7.5NVD Advisory· Published Dec 29, 2015· Updated May 6, 2026
CVE-2015-7540
CVE-2015-7540
Description
The LDAP server in the AD domain controller in Samba 4.x before 4.1.22 does not check return values to ensure successful ASN.1 memory allocation, which allows remote attackers to cause a denial of service (memory consumption and daemon crash) via crafted packets.
Affected products
7cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*+ 3 more
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
12- lists.fedoraproject.org/pipermail/package-announce/2015-December/174076.htmlnvdThird Party Advisory
- lists.fedoraproject.org/pipermail/package-announce/2015-December/174391.htmlnvdThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2015-12/msg00033.htmlnvdMailing ListThird Party Advisory
- www.debian.org/security/2016/dsa-3433nvdThird Party Advisory
- www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.htmlnvdThird Party Advisory
- www.securityfocus.com/bid/79736nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1034492nvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/USN-2855-1nvdThird Party Advisory
- www.ubuntu.com/usn/USN-2855-2nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- security.gentoo.org/glsa/201612-47nvdThird Party Advisory
- www.samba.org/samba/security/CVE-2015-7540.htmlnvdVendor Advisory
News mentions
0No linked articles in our index yet.