Samba has released fixes for two security vulnerabilities that affect Samba products. A remote attacker could exploit these bugs on unpatched systems.
The first vulnerability, “Samba AD DC Denial of Service in DNS management server (dnsserver)” CVE-2019-12435, affects Samba 4.9 and 4.10.
In particular, Samba said that an authenticated user could crash the Samba AD DC’s RPC server process via a NULL pointer dereference. The vulnerability is rated Medium severity, with a CVSSv3 base score of 6.5.
To address the vulnerability, organizations and users should upgrade to Samba 4.9.9 or 4.10.5.
The second vulnerability, “Samba AD DC LDAP server crash (paged searches)” CVE-2019-12436, impacts all versions of Samba since Samba 4.10.0.
In this case, Samba noted that “a user with read access to the directory can cause a NULL pointer dereference using the paged search control.”
Samba also rates this vulnerability Medium severity, with a CVSSv3 base score of 6.5.
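As an added example (not from the article or the Samba project), here is a small Python check that parses the version string printed by `smbd --version` and maps it to the affected and fixed versions stated above. It assumes `smbd` is on PATH when run live, and it cannot see distribution backports that fix the bugs without raising the version number, so a "vulnerable" result is a prompt to check the package changelog, not a final verdict.

```python
import re
import subprocess
from typing import Dict, Optional, Tuple

Version = Tuple[int, int, int]

# First fixed release on each affected branch, as named in the advisory.
FIXED_12435 = {"4.9": (4, 9, 9), "4.10": (4, 10, 5)}  # dnsserver DoS
FIXED_12436 = (4, 10, 5)                               # LDAP paged-search crash


def parse_version(text: str) -> Optional[Version]:
    """Extract (major, minor, patch) from output such as 'Version 4.10.4-Ubuntu'."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        return None
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def assess(version: Version) -> Dict[str, bool]:
    """Report which of the two CVEs the given Samba version is exposed to.

    CVE-2019-12435: Samba 4.9 and 4.10 prior to 4.9.9 / 4.10.5.
    CVE-2019-12436: every version from 4.10.0 up to (not including) 4.10.5.
    Branches newer than 4.10 are assumed (not stated on the page) to carry the fix.
    """
    branch = f"{version[0]}.{version[1]}"
    exposed_12435 = branch in FIXED_12435 and version < FIXED_12435[branch]
    exposed_12436 = (4, 10, 0) <= version < FIXED_12436
    return {"CVE-2019-12435": exposed_12435, "CVE-2019-12436": exposed_12436}


def installed_version() -> Optional[Version]:
    """Query the local smbd binary; returns None if it is absent or unparsable."""
    try:
        out = subprocess.run(["smbd", "--version"], capture_output=True,
                             text=True, check=False).stdout
    except FileNotFoundError:
        return None
    return parse_version(out)


if __name__ == "__main__":
    v = installed_version()
    if v is None:
        print("smbd not found or version not recognised")
    else:
        print(".".join(map(str, v)), assess(v))
```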