Samba has released a software update and patches for two security vulnerabilities that impact Samba products. A remote attacker could take advantage of these bugs and exploit unpatched systems.
Samba software is used for file and print services for all clients using the SMB/CIFS protocol. Samba is used to seamlessly integrate Linux/Unix systems into Windows Active Directory environments.
The latest Samba security releases 4.10.15, 4.11.8 and 4.12.2 address two vulnerabilities CVE-2020-170704 and CVE-2020-17000.
CVE-2020-10704
One of the security updates addresses an LDAP Denial of Service (stack overflow) vulnerability CVE-2020-10704 in Samba AD DC.
According to Samba, “a deeply nested filter in an un-authenticated LDAP search can exhaust the LDAP server’s stack memory causing a SIGSEGV.”
The issue is rated High severity and has a CVSS score of 7.5.
CVE-2020-10700
The other security updates addresses a Use-after-free vulnerability CVE-2020-10700 in Samba AD DC LDAP Server with ASQ.
According to Samba, “a client combining the ‘ASQ’ and ‘Paged Results’ LDAP
controls can cause a use-after-free in Samba’s AD DC LDAP server.”
This issue is rated Moderate severity and has a CVSS score of 5.3.