High severity7.5NVD Advisory· Published May 6, 2020· Updated Jun 17, 2026
CVE-2020-10704
CVE-2020-10704
Description
A flaw was found when using samba as an Active Directory Domain Controller. Due to the way samba handles certain requests as an Active Directory Domain Controller LDAP server, an unauthorized user can cause a stack overflow leading to a denial of service. The highest threat from this vulnerability is to system availability. This issue affects all samba versions before 4.10.15, before 4.11.8 and before 4.12.2.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
26- Range: <4.10.15, <4.11.8, <4.12.2
- osv-coords24 versionspkg:rpm/opensuse/ldb&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/samba&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/samba&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/samba&distro=openSUSE%20Tumbleweedpkg:rpm/suse/ldb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2pkg:rpm/suse/ldb&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/ldb&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/ldb&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/samba&distro=SUSE%20Enterprise%20Storage%206pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP5pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP1pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP2pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOSpkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSSpkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%202%2015%20SP1pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%202%2015%20SP2pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSSpkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5
< 2.0.12-lp152.2.3.1+ 23 more
- (no CPE)range: < 2.0.12-lp152.2.3.1
- (no CPE)range: < 4.9.5+git.317.6d82fb3918b-lp151.2.24.1
- (no CPE)range: < 4.11.11+git.180.2cf3b203f07-lp152.3.3.1
- (no CPE)range: < 4.14.6+git.182.2205d5224e3-1.1
- (no CPE)range: < 2.0.12-3.3.1
- (no CPE)range: < 1.5.8-3.5.1
- (no CPE)range: < 1.5.8-3.5.1
- (no CPE)range: < 1.5.8-3.5.1
- (no CPE)range: < 4.9.5+git.317.6d82fb3918b-3.35.1
- (no CPE)range: < 4.10.17+git.203.862547088ca-3.14.1
- (no CPE)range: < 4.7.11+git.231.7f324c4d89e-4.40.1
- (no CPE)range: < 4.9.5+git.317.6d82fb3918b-3.35.1
- (no CPE)range: < 4.11.11+git.180.2cf3b203f07-4.5.1
- (no CPE)range: < 4.7.11+git.231.7f324c4d89e-4.40.1
- (no CPE)range: < 4.7.11+git.231.7f324c4d89e-4.40.1
- (no CPE)range: < 4.9.5+git.317.6d82fb3918b-3.35.1
- (no CPE)range: < 4.11.11+git.180.2cf3b203f07-4.5.1
- (no CPE)range: < 4.9.5+git.317.6d82fb3918b-3.35.1
- (no CPE)range: < 4.11.11+git.180.2cf3b203f07-4.5.1
- (no CPE)range: < 4.10.17+git.203.862547088ca-3.14.1
- (no CPE)range: < 4.7.11+git.231.7f324c4d89e-4.40.1
- (no CPE)range: < 4.10.17+git.203.862547088ca-3.14.1
- (no CPE)range: < 4.7.11+git.231.7f324c4d89e-4.40.1
- (no CPE)range: < 4.10.17+git.203.862547088ca-3.14.1
- Red Hat/sambav5Range: All versions before 4.10.15
Patches
Vulnerability mechanics
References
8- lists.opensuse.org/opensuse-security-announce/2020-07/msg00054.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2020-09/msg00002.htmlnvdMailing ListThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- lists.debian.org/debian-lts-announce/2020/11/msg00041.htmlnvdMailing ListThird Party Advisory
- security.gentoo.org/glsa/202007-15nvdThird Party Advisory
- www.samba.org/samba/security/CVE-2020-10704.htmlnvdVendor Advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U5KW3ZO35NVDO57JSBZHTQZOS3AIQ5QE/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y7DVGCHG3XPIBQ5ETGMGW7MXNOO4HFH4/nvd
News mentions
0No linked articles in our index yet.