CVE-2019-12435

EUVD-2019-4045
Samba 4.9.x before 4.9.9 and 4.10.x before 4.10.5 has a NULL pointer dereference, leading to Denial of Service. This is related to the AD DC DNS management server (dnsserver) RPC server process.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 88%
Affected Products (NVD)
VendorProductVersion
sambasamba
4.9.0 ≤
𝑥
< 4.9.9
sambasamba
4.10.0 ≤
𝑥
< 4.10.5
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
samba
bookworm
2:4.17.12+dfsg-0+deb12u1
fixed
bookworm (security)
2:4.17.12+dfsg-0+deb12u1
fixed
bullseye
2:4.13.13+dfsg-1~deb11u6
fixed
bullseye (security)
2:4.13.13+dfsg-1~deb11u6
fixed
jessie
not-affected
sid
2:4.21.1+dfsg-2
fixed
stretch
not-affected
trixie
2:4.21.1+dfsg-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
samba
bionic
not-affected
cosmic
not-affected
disco
Fixed 2:4.10.0+dfsg-0ubuntu2.2
released
trusty
not-affected
xenial
not-affected
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00023.html
http://www.securityfocus.com/bid/108825
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QSG3TLPZP35RH5DWAIDC7MHXRK5DFKOE/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ3LCJNJ3ONHIRKDSKOTT6QGXALLCHVG/
https://usn.ubuntu.com/4018-1/
https://www.samba.org/samba/security/CVE-2019-12435.html
https://www.synology.com/security/advisory/Synology_SA_19_27
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00023.html
http://www.securityfocus.com/bid/108825
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QSG3TLPZP35RH5DWAIDC7MHXRK5DFKOE/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ3LCJNJ3ONHIRKDSKOTT6QGXALLCHVG/
https://usn.ubuntu.com/4018-1/
https://www.samba.org/samba/security/CVE-2019-12435.html
https://www.synology.com/security/advisory/Synology_SA_19_27