CVE-2019-19344

Summary

There is a use-after-free issue in all samba 4.9.x versions before 4.9.18, all samba 4.10.x versions before 4.10.12 and all samba 4.11.x versions before 4.11.5, essentially due to a call to realloc() while other local variables still point at the original buffer.

Affected Software

VendorProductVersion RangeStatus
Red Hatsambaall samba 4.11.x versions before 4.11.5affected
Red Hatsambaall samba 4.10.x versions before 4.10.12affected
Red Hatsambaall samba 4.9.x versions before 4.9.18affected

Weaknesses

  • CWE-416: CWE-416

ADP Enrichment

CVE Program Container

Additional References

References