CVE-2018-10918NULL Pointer Dereference in Samba

CWE-476NULL Pointer Dereference10 documents8 sources
Severity
6.5MEDIUMNVD
CNA5.2
EPSS
4.3%
top 11.17%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
SambaTHE Samba Team SambaCanonical Ubuntu Linux
Timeline
PublishedAug 22
Latest updateMay 13

Description

A null pointer dereference flaw was found in the way samba checked database outputs from the LDB database layer. An authenticated attacker could use this flaw to crash a samba server in an Active Directory Domain Controller configuration. Samba versions before 4.7.9 and 4.8.4 are vulnerable.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages3 packages

NVDsamba/samba4.7.04.7.9+1
Debiansamba/samba< 2:4.8.4+dfsg-1+3
CVEListV5the_samba_team/samba4.7.9, 4.8.4+1

Also affects: Ubuntu Linux 14.04, 16.04, 18.04

Patches

Patch: www.samba.orgPatch: www.samba.org

🔴Vulnerability Details

4
GHSA
GHSA-3gcv-q5vm-qrxr: A null pointer dereference flaw was found in the way samba checked database outputs from the LDB database layer2022-05-13
CVEList
CVE-2018-10918: A null pointer dereference flaw was found in the way samba checked database outputs from the LDB database layer2018-08-22
OSV
CVE-2018-10918: A null pointer dereference flaw was found in the way samba checked database outputs from the LDB database layer2018-08-22
OSV
samba vulnerabilities2018-08-14

📋Vendor Advisories

3
Red Hat
samba: DsCrackNames on a user without an SPN can trigger NULL-pointer de-reference2018-08-16
Ubuntu
Samba vulnerabilities2018-08-14
Debian
CVE-2018-10918: samba - A null pointer dereference flaw was found in the way samba checked database outp...2018

💬Community

2
Bugzilla
CVE-2018-10918 samba: DsCrackNames on a user without an SPN can trigger NULL-pointer de-reference [fedora-all]2018-08-16
Bugzilla
CVE-2018-10918 samba: DsCrackNames on a user without an SPN can trigger NULL-pointer de-reference2018-08-01
CVE-2018-10918 — NULL Pointer Dereference in Samba | cvebase