CVE-2020-10700

Summary

A use-after-free flaw was found in the way samba AD DC LDAP servers, handled 'Paged Results' control is combined with the 'ASQ' control. A malicious user in a samba AD could use this flaw to cause denial of service. This issue affects all samba versions before 4.10.15, before 4.11.8 and before 4.12.2.

Affected Software

VendorProductVersion RangeStatus
Red HatsambaAll versions before 4.10.15affected
Red HatsambaAll versions before 4.11.8affected
Red HatsambaAll versions before 4.12.2affected

Weaknesses

  • CWE-416: CWE-416

ADP Enrichment

CVE Program Container

Additional References

References