QwikSec

Security Database

CVE

CWE

Training

CVE-2020-10730

Published: Jul 7, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

A NULL pointer dereference, or possible use-after-free flaw was found in Samba AD LDAP server in versions before 4.10.17, before 4.11.11 and before 4.12.4. Although some versions of Samba shipped with Red Hat Enterprise Linux do not support Samba in AD mode, the affected code is shipped with the libldb package. This flaw allows an authenticated user to possibly trigger a use-after-free or NULL pointer dereference. The highest threat from this vulnerability is to system availability.

Vendor	Product	Versions
n/a	Samba	affected `All Samba versions before 4.10.17, before 4.11.11 and before 4.12.4`

References

https://bugzilla.redhat.com/show_bug.cgi?id=1849489%3B

x_refsource_MISC

https://www.samba.org/samba/security/CVE-2020-10730.html

x_refsource_MISC

FEDORA-2020-5131d30947

vendor-advisory

x_refsource_FEDORA

openSUSE-SU-2020:0984

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2020:1023

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_GENTOO

openSUSE-SU-2020:1121

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2020:1313

vendor-advisory

x_refsource_SUSE

[debian-lts-announce] 20201123 [SECURITY] [DLA 2463-1] samba security update

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_DEBIAN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.