Unrated severity · NVD Advisory · Published Nov 28, 2018 · Updated Aug 5, 2024
CVE-2018-16851
Description
Samba from version 4.0.0 and before versions 4.7.12, 4.8.7, 4.9.3 is vulnerable to a denial of service. During the processing of an LDAP search before Samba's AD DC returns the LDAP entries to the client, the entries are cached in a single memory object with a maximum size of 256MB. When this size is reached, the Samba process providing the LDAP service will follow the NULL pointer, terminating the process. There is no further vulnerability associated with this issue, merely a denial of service.
Affected products
- osv-coords (4 versions)
  - pkg:rpm/opensuse/samba&distro=openSUSE%20Tumbleweed
  - pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015
  - pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015
  - pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015
- (no CPE) range: < 4.14.6+git.182.2205d5224e3-1.1
- (no CPE) range: < 4.7.11+git.140.6bd0e5b30d8-4.21.1
- (no CPE) range: < 4.7.11+git.140.6bd0e5b30d8-4.21.1
- (no CPE) range: < 4.7.11+git.140.6bd0e5b30d8-4.21.1
References
- security.gentoo.org/glsa/202003-52 (mitre, vendor-advisory, x_refsource_GENTOO)
- usn.ubuntu.com/3827-1/ (mitre, vendor-advisory, x_refsource_UBUNTU)
- usn.ubuntu.com/3827-2/ (mitre, vendor-advisory, x_refsource_UBUNTU)
- www.debian.org/security/2018/dsa-4345 (mitre, vendor-advisory, x_refsource_DEBIAN)
- www.securityfocus.com/bid/106027 (mitre, vdb-entry, x_refsource_BID)
- bugzilla.redhat.com/show_bug.cgi (mitre, x_refsource_CONFIRM)
- lists.debian.org/debian-lts-announce/2018/12/msg00005.html (mitre, mailing-list, x_refsource_MLIST)
- security.netapp.com/advisory/ntap-20181127-0001/ (mitre, x_refsource_CONFIRM)
- www.samba.org/samba/security/CVE-2018-16851.html (mitre, x_refsource_CONFIRM)