PT-2020-6718 · Samba+9 · Samba+9

Published

2020-10-29

·

Updated

2024-07-03

·

CVE-2020-14323

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Samba versions prior to 4.11.15 Samba versions prior to 4.12.9 Samba versions prior to 4.13.1
Description A null pointer dereference flaw was found in Samba's Winbind service. This issue allows an attacker to cause a denial of service. A local user could exploit this flaw to crash the winbind service.
Recommendations For versions prior to 4.11.15, update to version 4.11.15 or later to resolve the issue. For versions prior to 4.12.9, update to version 4.12.9 or later to resolve the issue. For versions prior to 4.13.1, update to version 4.13.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the Winbind service to minimize the risk of exploitation.

Exploit

Fix

DoS

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-476CWE-170

Related Identifiers

ALSA-2021:1647
ALT-PU-2020-3188
ALT-PU-2020-3215
ALT-PU-2020-3271
ALT-PU-2020-3406
ALT-PU-2021-1580
AZL-36989
AZL-7348
BDU:2022-05767
CESA-2020_5439
CESA-2021_1647
CVE-2020-14323
DLA-2463-1
DLA-3792-1
ECHO-E21C-245E-10F7
MGASA-2020-0410
OPENSUSE-SU-2020:1811-1
OPENSUSE-SU-2020:1819-1
OPENSUSE-SU-2020_1811-1
OPENSUSE-SU-2020_1819-1
OPENSUSE-SU-2024:11365-1
RHSA-2020:5439
RHSA-2020_5439
RHSA-2021:1647
RHSA-2021:3723
RHSA-2021_1647
RLSA-2021:1647
SUSE-SU-2020:14525-1
SUSE-SU-2020:3081-1
SUSE-SU-2020:3082-1
SUSE-SU-2020:3083-1
SUSE-SU-2020:3087-1
SUSE-SU-2020:3092-1
SUSE-SU-2020:3093-1
SUSE-SU-2021:0185-1
SUSE-SU-2023:0122-1
SUSE-SU-2023_0122-1
USN-4611-1
USN-4931-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Red Hat
Rocky Linux
Samba
Suse
Ubuntu