Medium severity6.5NVD Advisory· Published Jul 7, 2020· Updated Jun 17, 2026
CVE-2020-10730
CVE-2020-10730
Description
A NULL pointer dereference, or possible use-after-free flaw was found in Samba AD LDAP server in versions before 4.10.17, before 4.11.11 and before 4.12.4. Although some versions of Samba shipped with Red Hat Enterprise Linux do not support Samba in AD mode, the affected code is shipped with the libldb package. This flaw allows an authenticated user to possibly trigger a use-after-free or NULL pointer dereference. The highest threat from this vulnerability is to system availability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
25- Samba/Samba AD LDAP serverdescription
- Range: <4.10.17, <4.11.11, <4.12.4
- osv-coords23 versionspkg:rpm/opensuse/ldb&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/ldb&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/ldb&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/samba&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/samba&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/samba&distro=openSUSE%20Tumbleweedpkg:rpm/suse/ldb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1pkg:rpm/suse/ldb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2pkg:rpm/suse/ldb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%202%2015%20SP1pkg:rpm/suse/ldb&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/ldb&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/ldb&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/samba&distro=SUSE%20Enterprise%20Storage%206pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP5pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP1pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP2pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%202%2015%20SP1pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%202%2015%20SP2pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5
< 1.4.6-lp151.2.3.1+ 22 more
- (no CPE)range: < 1.4.6-lp151.2.3.1
- (no CPE)range: < 2.0.12-lp152.2.3.1
- (no CPE)range: < 2.3.0-1.3
- (no CPE)range: < 4.9.5+git.343.4bc358522a9-lp151.2.27.1
- (no CPE)range: < 4.11.11+git.180.2cf3b203f07-lp152.3.3.1
- (no CPE)range: < 4.14.6+git.182.2205d5224e3-1.1
- (no CPE)range: < 1.4.6-3.5.2
- (no CPE)range: < 2.0.12-3.3.1
- (no CPE)range: < 1.4.6-3.5.2
- (no CPE)range: < 1.5.8-3.5.1
- (no CPE)range: < 1.5.8-3.5.1
- (no CPE)range: < 1.5.8-3.5.1
- (no CPE)range: < 4.9.5+git.343.4bc358522a9-3.38.1
- (no CPE)range: < 4.10.17+git.203.862547088ca-3.14.1
- (no CPE)range: < 4.9.5+git.343.4bc358522a9-3.38.1
- (no CPE)range: < 4.11.11+git.180.2cf3b203f07-4.5.1
- (no CPE)range: < 4.9.5+git.343.4bc358522a9-3.38.1
- (no CPE)range: < 4.11.11+git.180.2cf3b203f07-4.5.1
- (no CPE)range: < 4.9.5+git.343.4bc358522a9-3.38.1
- (no CPE)range: < 4.11.11+git.180.2cf3b203f07-4.5.1
- (no CPE)range: < 4.10.17+git.203.862547088ca-3.14.1
- (no CPE)range: < 4.10.17+git.203.862547088ca-3.14.1
- (no CPE)range: < 4.10.17+git.203.862547088ca-3.14.1
Patches
Vulnerability mechanics
References
10- lists.opensuse.org/opensuse-security-announce/2020-07/msg00030.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2020-07/msg00054.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2020-08/msg00000.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2020-09/msg00002.htmlnvdMailing ListThird Party Advisory
- lists.debian.org/debian-lts-announce/2020/11/msg00041.htmlnvdIssue TrackingThird Party Advisory
- security.gentoo.org/glsa/202007-15nvdThird Party Advisory
- www.debian.org/security/2021/dsa-4884nvdThird Party Advisory
- www.samba.org/samba/security/CVE-2020-10730.htmlnvdVendor Advisory
- bugzilla.redhat.com/show_bug.cginvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6YLNQ5GRXUKYRUAOFZ4DUBVN4SMTL6Q2/nvd
News mentions
0No linked articles in our index yet.