CVE-2018-16851
MEDIUMSamba 4.0.0-4.7.11 - Denial of Service via LDAP Search Cache Overflow
Title source: llmDescription
Samba from version 4.0.0 and before versions 4.7.12, 4.8.7, 4.9.3 is vulnerable to a denial of service. During the processing of an LDAP search before Samba's AD DC returns the LDAP entries to the client, the entries are cached in a single memory object with a maximum size of 256MB. When this size is reached, the Samba process providing the LDAP service will follow the NULL pointer, terminating the process. There is no further vulnerability associated with this issue, merely a denial of service.
References (9)
Core 9
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/106027
Third Party Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/3827-2/
Third Party Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/3827-1/
Third Party Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20181127-0001/
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2018/12/msg00005.html
Issue Tracking, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16851
Third Party Advisory vendor-advisory
x_refsource_debian
https://www.debian.org/security/2018/dsa-4345
Patch, Vendor Advisory x_refsource_confirm
https://www.samba.org/samba/security/CVE-2018-16851.html
Third Party Advisory vendor-advisory
x_refsource_gentoo
https://security.gentoo.org/glsa/202003-52
Scores
CVSS v3
6.5
EPSS
0.0920
EPSS Percentile
92.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-476
Status
published
Products (8)
canonical/ubuntu_linux
12.04
canonical/ubuntu_linux
14.04
canonical/ubuntu_linux
16.04
canonical/ubuntu_linux
18.04
canonical/ubuntu_linux
18.10
debian/debian_linux
8.0
debian/debian_linux
9.0
samba/samba
4.0.0 - 4.7.12
Published
Nov 28, 2018
Tracked Since
Feb 18, 2026