High severity7.5NVD Advisory· Published Dec 29, 2015· Updated Jun 17, 2026
CVE-2015-7540
CVE-2015-7540
Description
The LDAP server in the AD domain controller in Samba 4.x before 4.1.22 does not check return values to ensure successful ASN.1 memory allocation, which allows remote attackers to cause a denial of service (memory consumption and daemon crash) via crafted packets.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*range: >=4.0.0,<4.1.22
- (no CPE)range: < 4.1.22
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*+ 3 more
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
14- lists.fedoraproject.org/pipermail/package-announce/2015-December/174076.htmlnvdThird Party Advisory
- lists.fedoraproject.org/pipermail/package-announce/2015-December/174391.htmlnvdThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2015-12/msg00033.htmlnvdMailing ListThird Party Advisory
- www.debian.org/security/2016/dsa-3433nvdThird Party Advisory
- www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.htmlnvdThird Party Advisory
- www.securityfocus.com/bid/79736nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1034492nvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/USN-2855-1nvdThird Party Advisory
- www.ubuntu.com/usn/USN-2855-2nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- security.gentoo.org/glsa/201612-47nvdThird Party Advisory
- www.samba.org/samba/security/CVE-2015-7540.htmlnvdVendor Advisory
- git.samba.orgnvd
- git.samba.orgnvd
News mentions
0No linked articles in our index yet.