Unrated severityNVD Advisory· Published Nov 28, 2018· Updated Aug 5, 2024
CVE-2018-14629
CVE-2018-14629
Description
A denial of service vulnerability was discovered in Samba's LDAP server before versions 4.7.12, 4.8.7, and 4.9.3. A CNAME loop could lead to infinite recursion in the server. An unprivileged local attacker could create such an entry, leading to denial of service.
Affected products
4- osv-coords4 versionspkg:rpm/opensuse/samba&distro=openSUSE%20Tumbleweedpkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015
< 4.14.6+git.182.2205d5224e3-1.1+ 3 more
- (no CPE)range: < 4.14.6+git.182.2205d5224e3-1.1
- (no CPE)range: < 4.7.11+git.140.6bd0e5b30d8-4.21.1
- (no CPE)range: < 4.7.11+git.140.6bd0e5b30d8-4.21.1
- (no CPE)range: < 4.7.11+git.140.6bd0e5b30d8-4.21.1
Patches
3b7d190f89d76VERSION: Disable GIT_SNAPSHOT for the 4.7.12 release.
1 file changed · +1 −1
VERSION+1 −1 modified@@ -99,7 +99,7 @@ SAMBA_VERSION_RC_RELEASE= # e.g. SAMBA_VERSION_IS_SVN_SNAPSHOT=yes # # -> "3.0.0-SVN-build-199" # ######################################################## -SAMBA_VERSION_IS_GIT_SNAPSHOT=yes +SAMBA_VERSION_IS_GIT_SNAPSHOT=no ######################################################## # This is for specifying a release nickname #
cd870beb978aVERSION: Disable GIT_SNAPSHOT for the 4.8.7 release.
1 file changed · +1 −1
VERSION+1 −1 modified@@ -99,7 +99,7 @@ SAMBA_VERSION_RC_RELEASE= # e.g. SAMBA_VERSION_IS_SVN_SNAPSHOT=yes # # -> "3.0.0-SVN-build-199" # ######################################################## -SAMBA_VERSION_IS_GIT_SNAPSHOT=yes +SAMBA_VERSION_IS_GIT_SNAPSHOT=no ######################################################## # This is for specifying a release nickname #
40c057c900a9VERSION: Disable GIT_SNAPSHOT for the 4.9.3 release.
1 file changed · +1 −1
VERSION+1 −1 modified@@ -99,7 +99,7 @@ SAMBA_VERSION_RC_RELEASE= # e.g. SAMBA_VERSION_IS_SVN_SNAPSHOT=yes # # -> "3.0.0-SVN-build-199" # ######################################################## -SAMBA_VERSION_IS_GIT_SNAPSHOT=yes +SAMBA_VERSION_IS_GIT_SNAPSHOT=no ######################################################## # This is for specifying a release nickname #
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
9- security.gentoo.org/glsa/202003-52mitrevendor-advisoryx_refsource_GENTOO
- usn.ubuntu.com/3827-1/mitrevendor-advisoryx_refsource_UBUNTU
- usn.ubuntu.com/3827-2/mitrevendor-advisoryx_refsource_UBUNTU
- www.debian.org/security/2018/dsa-4345mitrevendor-advisoryx_refsource_DEBIAN
- www.securityfocus.com/bid/106022mitrevdb-entryx_refsource_BID
- bugzilla.redhat.com/show_bug.cgimitrex_refsource_CONFIRM
- lists.debian.org/debian-lts-announce/2018/12/msg00005.htmlmitremailing-listx_refsource_MLIST
- security.netapp.com/advisory/ntap-20181127-0001/mitrex_refsource_CONFIRM
- www.samba.org/samba/security/CVE-2018-14629.htmlmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.