Out-of-bounds Read Affecting samba package, versions [0,]


0.0
medium

Snyk CVSS

    Attack Complexity Low

    Threat Intelligence

    EPSS 0.22% (60th percentile)
Expand this section
NVD
8.1 high
Expand this section
SUSE
5.4 medium
Expand this section
Red Hat
5.4 medium

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk ID SNYK-UNMANAGED-SAMBA-2961661
  • published 28 Jul 2022
  • disclosed 27 Jul 2022
  • credit Joseph Sutton

How to fix?

A fix was pushed into the master branch but not yet published.

Overview

Affected versions of this package are vulnerable to Out-of-bounds Read when Samba AD users can cause the server to access uninitialized data with an LDAP add or modify the request, usually resulting in a segmentation fault.