Your submission was sent successfully! Close

CVE-2020-10700

Published: 28 April 2020

A use-after-free flaw was found in the way samba AD DC LDAP servers, handled 'Paged Results' control is combined with the 'ASQ' control. A malicious user in a samba AD could use this flaw to cause denial of service. This issue affects all samba versions before 4.10.15, before 4.11.8 and before 4.12.2.

Priority

Medium

CVSS 3 base score: 5.3

Status

Package Release Status
samba
Launchpad, Ubuntu, Debian
Upstream
Released (4.10.15,4.11.8,4.12.2)
Ubuntu 20.04 LTS (Focal Fossa)
Released (2:4.11.6+dfsg-0ubuntu1.1)
Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(code not present)
Ubuntu 16.04 ESM (Xenial Xerus) Not vulnerable
(code not present)
Ubuntu 14.04 ESM (Trusty Tahr) Not vulnerable
(code not present)