Debian Ldb vulnerabilities
7 known vulnerabilities affecting debian/ldb.
Total CVEs: 7
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: HIGH 3, MEDIUM 4
Vulnerabilities
CVE-2021-20277 | HIGH | CVSS 7.5 | fixed in ldb 2:2.2.0-3.1 (bullseye) | 2021
A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability.
Scope: local
bullseye: resolved (fixed in 2:2.2.0-3.1)
CVE-2021-3670 | MEDIUM | CVSS 6.5 | fixed in ldb 2:2.2.3-1 (bullseye) | 2021
MaxQueryDuration not honoured in Samba AD DC LDAP
Scope: local
bullseye: resolved (fixed in 2:2.2.3-1)
CVE-2020-27840 | HIGH | CVSS 7.5 | fixed in ldb 2:2.2.0-3.1 (bullseye) | 2020
A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability.
Scope: local
bullseye: resolved (fixed in 2:2.2.0-3.1)
CVE-2020-10730 | MEDIUM | CVSS 6.5 | fixed in ldb 2:2.1.4-1 (bullseye) | 2020
A NULL pointer dereference, or possible use-after-free flaw was found in Samba AD LDAP server in versions before 4.10.17, before 4.11.11 and before 4.12.4. Although some versions of Samba shipped with Red Hat Enterprise Linux do not support Samba in AD mode, the affected code is shipped with the libldb package. This flaw allows an authenticated user to possibly trigge
CVE-2019-3824 | MEDIUM | CVSS 6.5 | fixed in ldb 2:1.5.1+really1.4.3-2 (bullseye) | 2019
A flaw was found in the way an LDAP search expression could crash the shared LDAP server process of a samba AD DC in samba before version 4.10. An authenticated user, having read permissions on the LDAP server, could use this flaw to cause denial of service.
Scope: local
bullseye: resolved (fixed in 2:1.5.1+really1.4.3-2)
CVE-2015-5330 | HIGH | CVSS 7.5 | fixed in ldb 2:1.1.24-1 (bullseye) | 2015
ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles string lengths, which allows remote attackers to obtain sensitive information from daemon heap memory by sending crafted packets and then reading (1) an error message or (2) a database value.
Scope: local
bullseye: resolved (fixed in 2:1.1.24
CVE-2015-3223 | MEDIUM | CVSS 5.3 | fixed in ldb 2:1.1.24-1 (bullseye) | 2015
The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which allows remote attackers to cause a denial of service (infinite loop) via crafted packets.
Scope: local
bullseye: resolved (fixed in 2:1.1.24-1)