CVE-2020-14323

Published: 29 October 2020

A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. A local user could use this flaw to crash the winbind service causing denial of service.

Priority

Medium

CVSS 3 base score: 5.5

Status

Package Release Status
samba
Launchpad, Ubuntu, Debian
Upstream
Released (4.11.15,4.12.9,4.13.1)
Ubuntu 21.04 (Hirsute Hippo)
Released (2:4.12.5+dfsg-3ubuntu4.1)
Ubuntu 20.10 (Groovy Gorilla)
Released (2:4.12.5+dfsg-3ubuntu4.1)
Ubuntu 20.04 LTS (Focal Fossa)
Released (2:4.11.6+dfsg-0ubuntu1.6)
Ubuntu 18.04 LTS (Bionic Beaver)
Released (2:4.7.6+dfsg~ubuntu-0ubuntu2.21)
Ubuntu 16.04 LTS (Xenial Xerus)
Released (2:4.3.11+dfsg-0ubuntu0.16.04.32)
Ubuntu 14.04 ESM (Trusty Tahr) Needed

Ubuntu 12.04 ESM (Precise Pangolin) Needed