PT-2018-2508 · Samba+3

Alex Maccuish · Published 2018-10-24 · Updated 2024-06-15

CVE-2018-16841

CVSS v3.1: 6.5 (Medium)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Samba versions 4.3.0 through 4.7.11
Samba versions 4.8.0 through 4.8.6
Samba versions 4.9.0 through 4.9.2

Description

The issue is a denial of service that arises when Samba is configured to accept smart-card authentication. In this scenario, Samba's KDC calls talloc_free() twice on the same memory if the principal in a validly signed certificate does not match the principal in the AS-REQ. This can only occur after authentication with a trusted certificate. The talloc library is robust against further corruption from a double-free with talloc_free() and directly calls abort(), terminating the KDC process.
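
As an added illustration of the failure mode described above (not Samba's code and not from the original page): a hypothetical error path frees a buffer on principal mismatch and again in shared cleanup, shown beside a hardened variant. The toy tagged allocator, the function names and the sample principals are all assumptions made for the example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Toy allocator (an assumption, not talloc's real layout): each chunk carries
 * a tag, so a second free of the same chunk is detected, not silently applied. */
enum { LIVE = 0x51A7, DEAD = 0xDEAD };
struct chunk { unsigned magic; char data[64]; };
static struct chunk pool[4];  /* static pool keeps freed headers readable */
static int double_frees;      /* per the advisory, talloc calls abort() here */

static char *toy_alloc(const char *s) {
    for (size_t i = 0; i < sizeof pool / sizeof pool[0]; i++) {
        if (pool[i].magic == LIVE) continue;
        pool[i].magic = LIVE;
        snprintf(pool[i].data, sizeof pool[i].data, "%s", s);
        return pool[i].data;
    }
    return NULL;
}
static void toy_free(char *p) {
    if (p == NULL) return;    /* freeing NULL is a harmless no-op */
    struct chunk *c = (struct chunk *)(p - offsetof(struct chunk, data));
    if (c->magic != LIVE) { double_frees++; return; }
    c->magic = DEAD;
}

/* Vulnerable shape: the mismatch branch frees, then shared cleanup frees again. */
static int check_principal_vulnerable(const char *cert, const char *as_req) {
    char *p = toy_alloc(cert);
    int ret = 0;
    if (p == NULL) return -2;
    if (strcmp(p, as_req) != 0) { toy_free(p); ret = -1; }
    toy_free(p);
    return ret;
}

/* Hardened shape: clear the pointer after the early free so cleanup is a no-op. */
static int check_principal_fixed(const char *cert, const char *as_req) {
    char *p = toy_alloc(cert);
    int ret = 0;
    if (p == NULL) return -2;
    if (strcmp(p, as_req) != 0) { toy_free(p); p = NULL; ret = -1; }
    toy_free(p);
    return ret;
}

int main(void) {
    check_principal_vulnerable("alice@EXAMPLE.TEST", "bob@EXAMPLE.TEST"); /* constructed */
    printf("double frees detected: %d\n", double_frees);
    return 0;
}
```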

Recommendations

For Samba versions 4.3.0 through 4.7.11, update to version 4.7.12 or later.
For Samba versions 4.8.0 through 4.8.6, update to version 4.8.7 or later.
For Samba versions 4.9.0 through 4.9.2, update to version 4.9.3 or later.

As a temporary workaround, consider disabling smart-card authentication until a patch is available.

Fix

DoS

Double Free

Use After Free


Weakness Enumeration

Related Identifiers

ALT-PU-2018-2743
ALT-PU-2018-2744
BDU:2019-00878
CVE-2018-16841
DSA-4345-1
ECHO-3243-5F1A-98B7
MGASA-2019-0011
OPENSUSE-SU-2024:11365-1
SUSE-SU-2018:4066-1
USN-3827-1
USN-3827-2

Affected Products

Alt Linux
Samba
Suse
Ubuntu