PT-2021-13869 · Samba+8 · Samba+8

Douglas Bagnall

Published

2021-03-24

Updated

2024-06-15

CVE-2021-20277

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Samba (affected versions not specified)

Description: A flaw was found in Samba's libldb, where multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write. This issue can cause a crash of the LDAP server process handling the request, with the highest threat being to system availability.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Out of bounds Read

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-787

Related Identifiers

ALT-PU-2021-1548

ALT-PU-2021-1556

ALT-PU-2021-1568

ALT-PU-2021-1580

ALT-PU-2021-2045

ALT-PU-2021-2081

AZL-37000

AZL-44535

AZL-7353

CESA-2021_1072

CESA-2021_1197

CVE-2021-20277

DLA-2611-1

DSA-4884-1

ECHO-51A5-064B-0E9B

MGASA-2021-0287

OESA-2021-1207

OPENSUSE-SU-2021:0469-1

OPENSUSE-SU-2021:0636-1

OPENSUSE-SU-2021:3187-1

OPENSUSE-SU-2021_0469-1

OPENSUSE-SU-2021_0636-1

OPENSUSE-SU-2021_3187-1

OPENSUSE-SU-2022:0283-1

OPENSUSE-SU-2022_0283-1

OPENSUSE-SU-2024:10911-1

OPENSUSE-SU-2024:11365-1

RHSA-2021:1072

RHSA-2021:1197

RHSA-2021:1213

RHSA-2021:1214

RHSA-2021:2331

RHSA-2021:2786

RHSA-2021_1072

RHSA-2021_1197

SUSE-SU-2021:0944-1

SUSE-SU-2021:0945-1

SUSE-SU-2021:1440-1

SUSE-SU-2021:1444-1

SUSE-SU-2021:1498-1

SUSE-SU-2021:3187-1

SUSE-SU-2022:0283-1

USN-4888-1

USN-4888-2

Affected Products

Alt Linux

Astra Linux

Centos

Debian

Linuxmint

Red Hat

Samba

Suse

Ubuntu

PT-2021-13869 · Samba+8 · Samba+8

CVE-2021-20277

Weakness Enumeration

Related Identifiers

Affected Products

References · 154