Adam Xu

**Name of the Vulnerable Software and Affected Versions** samba versions 4.0.0 through 4.9.14 samba versions 4.10.x through 4.10.9 **Description** A flaw in the samba software allows an attacker to crash the AD DC LDAP server via dirsync, resulting in denial of service. The issue is related to a null pointer dereference in the LDAP dirsync component. Privilege escalation is not possible with this issue. The vulnerability can be exploited by a remote attacker to cause a denial of service. **Recommendations** For samba versions 4.0.0 through 4.9.14, update to version 4.9.15 or later. For samba versions 4.10.x through 4.10.9, update to version 4.10.10 or later. As a temporary workaround, consider restricting access to the dirsync component to minimize the risk of exploitation.