Description
A use-after-free flaw was found in the way samba AD DC LDAP servers, handled 'Paged Results' control is combined with the 'ASQ' control. A malicious user in a samba AD could use this flaw to cause denial of service. This issue affects all samba versions before 4.10.15, before 4.11.8 and before 4.12.2.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Affected products
- Red Hat / sambaAll versions before 4.10.15 – All versions before 4.10.15
- Red Hat / sambaAll versions before 4.11.8 – All versions before 4.11.8
- Red Hat / sambaAll versions before 4.12.2 – All versions before 4.12.2
References
- MISChttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10700
- MISChttps://www.samba.org/samba/security/CVE-2020-10700.html
- MAILING_LISThttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WG54NRMES2GTURZKZH6H4BGXCD3OMJDJ/
- MAILING_LISThttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y7DVGCHG3XPIBQ5ETGMGW7MXNOO4HFH4/
- MAILING_LISThttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U5KW3ZO35NVDO57JSBZHTQZOS3AIQ5QE/
- MAILING_LISThttp://lists.opensuse.org/opensuse-security-announce/2020-07/msg00054.html
- MISChttps://security.gentoo.org/glsa/202007-15
- MAILING_LISThttp://lists.opensuse.org/opensuse-security-announce/2020-09/msg00002.html