Medium severity5.3NVD Advisory· Published May 4, 2020· Updated Jun 17, 2026
CVE-2020-10700
CVE-2020-10700
Description
A use-after-free flaw was found in the way samba AD DC LDAP servers, handled 'Paged Results' control is combined with the 'ASQ' control. A malicious user in a samba AD could use this flaw to cause denial of service. This issue affects all samba versions before 4.10.15, before 4.11.8 and before 4.12.2.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
18- Range: <4.10.15, <4.11.8, <4.12.2
- Range: <4.10.15, <4.11.8, <4.12.2
- osv-coords15 versionspkg:rpm/opensuse/ldb&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/ldb&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/samba&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/samba&distro=openSUSE%20Tumbleweedpkg:rpm/suse/ldb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2pkg:rpm/suse/ldb&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/ldb&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/ldb&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP5pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP2pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%202%2015%20SP2pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5
< 2.0.12-lp152.2.3.1+ 14 more
- (no CPE)range: < 2.0.12-lp152.2.3.1
- (no CPE)range: < 2.3.0-1.3
- (no CPE)range: < 4.11.11+git.180.2cf3b203f07-lp152.3.3.1
- (no CPE)range: < 4.14.6+git.182.2205d5224e3-1.1
- (no CPE)range: < 2.0.12-3.3.1
- (no CPE)range: < 1.5.8-3.5.1
- (no CPE)range: < 1.5.8-3.5.1
- (no CPE)range: < 1.5.8-3.5.1
- (no CPE)range: < 4.10.17+git.203.862547088ca-3.14.1
- (no CPE)range: < 4.11.11+git.180.2cf3b203f07-4.5.1
- (no CPE)range: < 4.11.11+git.180.2cf3b203f07-4.5.1
- (no CPE)range: < 4.11.11+git.180.2cf3b203f07-4.5.1
- (no CPE)range: < 4.10.17+git.203.862547088ca-3.14.1
- (no CPE)range: < 4.10.17+git.203.862547088ca-3.14.1
- (no CPE)range: < 4.10.17+git.203.862547088ca-3.14.1
- Red Hat/sambav5Range: All versions before 4.10.15
Patches
Vulnerability mechanics
References
8- lists.opensuse.org/opensuse-security-announce/2020-07/msg00054.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2020-09/msg00002.htmlnvdMailing ListThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- security.gentoo.org/glsa/202007-15nvdThird Party Advisory
- www.samba.org/samba/security/CVE-2020-10700.htmlnvdVendor Advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U5KW3ZO35NVDO57JSBZHTQZOS3AIQ5QE/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WG54NRMES2GTURZKZH6H4BGXCD3OMJDJ/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y7DVGCHG3XPIBQ5ETGMGW7MXNOO4HFH4/nvd
News mentions
0No linked articles in our index yet.