Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2018-14629

A denial of service vulnerability was discovered in Samba's LDAP server before versions 4.7.12, 4.8.7, and 4.9.3. A CNAME loop could lead to infinite recursion in the server. An unprivileged local attacker could create such an entry, leading to denial of service.

Related bugs and status

CVE-2018-14629 (Candidate) is related to these bugs:

Bug #1792400: smbd failed in host when both lxd container and host have smbd

		In	Importance	Status
1792400	smbd failed in host when both lxd container and host have smbd	samba (Ubuntu)	High	Fix Released
1792400	smbd failed in host when both lxd container and host have smbd	samba (Ubuntu Xenial)	High	Fix Released
1792400	smbd failed in host when both lxd container and host have smbd	samba (Ubuntu Trusty)	Low	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://bugzilla.redha...
CONFIRM: https://www.samba.org/...
CONFIRM: https://security.netap...
DEBIAN: DSA-4345
UBUNTU: USN-3827-1
UBUNTU: USN-3827-2
BID: 106022
MLIST: [debian-lts-announce] ...
GENTOO: GLSA-202003-52