Unrated severity · NVD Advisory · Published Nov 28, 2018 · Updated Aug 5, 2024
CVE-2018-16841
Description
Samba from version 4.3.0 and before versions 4.7.12, 4.8.7 and 4.9.3 are vulnerable to a denial of service. When configured to accept smart-card authentication, Samba's KDC will call talloc_free() twice on the same memory if the principal in a validly signed certificate does not match the principal in the AS-REQ. This is only possible after authentication with a trusted certificate. talloc is robust against further corruption from a double-free with talloc_free() and directly calls abort(), terminating the KDC process.
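As an added defender-side check that is not part of the NVD record: a small Python inventory scan that decides whether an upstream Samba version falls inside the affected ranges stated above (4.3.0 up to but not including 4.7.12, 4.8.0 before 4.8.7, 4.9.0 before 4.9.3). It assumes plain upstream version strings; distribution packages that backport the fix under an older version number are not recognised, so cross-check those against the vendor advisories listed under References.

```python
import re

# Affected ranges taken from the advisory text: [first affected, first fixed).
# The fourth tuple element orders release candidates (0) below final releases (1),
# so a pre-release of the fixed version, e.g. "4.7.12rc1", is still reported as affected.
AFFECTED_RANGES = [
    ((4, 3, 0, 0), (4, 7, 12, 1)),
    ((4, 8, 0, 0), (4, 8, 7, 1)),
    ((4, 9, 0, 0), (4, 9, 3, 1)),
]

_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)(?:\.(\d+))?(rc\d*)?")


def version_key(text):
    """Map a Samba version string to a comparable (major, minor, patch, final) tuple.

    Distro suffixes such as "-Ubuntu" or "+git..." after the numeric prefix are ignored.
    """
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError("not a Samba version string: %r" % text)
    major, minor, patch, rc = m.groups()
    return (int(major), int(minor), int(patch or 0), 0 if rc else 1)


def is_affected(version_text):
    """True when the upstream version lies in one of the CVE-2018-16841 ranges."""
    v = version_key(version_text)
    return any(lo <= v < hi for lo, hi in AFFECTED_RANGES)


def check_hosts(inventory):
    """inventory maps hostname -> reported Samba version; returns affected hosts, sorted."""
    return sorted(host for host, ver in inventory.items() if is_affected(ver))


if __name__ == "__main__":
    # Constructed sample inventory (hypothetical hostnames and versions).
    sample = {
        "kdc1": "4.7.6-Ubuntu",   # affected: 4.7.x before 4.7.12
        "kdc2": "4.8.7",          # fixed release
        "kdc3": "4.9.2rc1",       # affected: below 4.9.3
        "file1": "4.2.14",        # predates the vulnerable code
    }
    print(check_hosts(sample))  # ['kdc1', 'kdc3']
```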
Affected products
OSV package coordinates (4):
- pkg:rpm/opensuse/samba&distro=openSUSE%20Tumbleweed
- pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015
- pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015
- pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015

Affected version ranges (4, no CPE):
- range: < 4.14.6+git.182.2205d5224e3-1.1
- range: < 4.7.11+git.140.6bd0e5b30d8-4.21.1
- range: < 4.7.11+git.140.6bd0e5b30d8-4.21.1
- range: < 4.7.11+git.140.6bd0e5b30d8-4.21.1
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8 references (source: MITRE):
- security.gentoo.org/glsa/202003-52 (vendor advisory, x_refsource_GENTOO)
- usn.ubuntu.com/3827-1/ (vendor advisory, x_refsource_UBUNTU)
- usn.ubuntu.com/3827-2/ (vendor advisory, x_refsource_UBUNTU)
- www.debian.org/security/2018/dsa-4345 (vendor advisory, x_refsource_DEBIAN)
- www.securityfocus.com/bid/106023 (vulnerability database entry, x_refsource_BID)
- bugzilla.redhat.com/show_bug.cgi (x_refsource_CONFIRM)
- security.netapp.com/advisory/ntap-20181127-0001/ (x_refsource_CONFIRM)
- www.samba.org/samba/security/CVE-2018-16841.html (x_refsource_CONFIRM)
News mentions
No linked articles in our index yet.