Lucene search
PRIOn knowledge basePRION:CVE-2018-16841HistoryNov 28, 2018 - 2:29 p.m.
Double free
2018-11-2814:29:00
PRIOn knowledge base
www.prio-n.com
8
Samba from version 4.3.0 and before versions 4.7.12, 4.8.7 and 4.9.3 are vulnerable to a denial of service. When configured to accept smart-card authentication, Samba’s KDC will call talloc_free() twice on the same memory if the principal in a validly signed certificate does not match the principal in the AS-REQ. This is only possible after authentication with a trusted certificate. talloc is robust against further corruption from a double-free with talloc_free() and directly calls abort(), terminating the KDC process.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ubuntu_linux | eq | 16.04 | |
| ubuntu_linux | eq | 14.04 | |
| ubuntu_linux | eq | 12.04 | |
| ubuntu_linux | eq | 18.04 | |
| ubuntu_linux | eq | 18.10 | |
| debian_linux | eq | 9.0 | |
| samba | ge | 4.3.0 | |
| samba | lt | 4.7.12 | |
| samba | ge | 4.8.0 | |
| samba | lt | 4.8.7 |
References
Related
alpinelinux
alpinelinux
CVE-2018-16841
2018-11-28 14:29:00
osv
osv
CVE-2018-16841
2018-11-28 14:29:00
samba - security update
2018-11-27 00:00:00
cvelist
cvelist
CVE-2018-16841
2018-11-28 14:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2019-1780)
2020-01-23 00:00:00
Samba DoS Vulnerability (CVE-2018-16841)
2018-11-29 00:00:00
Ubuntu: Security Advisory (USN-3827-2)
2022-08-26 00:00:00
samba
samba
Double-free in Samba AD DC KDC with PKINIT
2018-11-27 00:00:00
debiancve
debiancve
CVE-2018-16841
2018-11-28 14:29:00
nvd
nvd
CVE-2018-16841
2018-11-28 14:29:00
ubuntucve
ubuntucve
CVE-2018-16841
2018-11-27 00:00:00
redhatcve
redhatcve
CVE-2018-16841
2018-11-28 02:19:59
cve
cve
CVE-2018-16841
2018-11-28 14:29:00
nessus
nessus
EulerOS 2.0 SP8 : samba (EulerOS-SA-2019-1780)
2019-07-25 00:00:00
Debian DSA-4345-1 : samba - security update
2018-11-29 00:00:00
debian
debian
[SECURITY] [DSA 4345-1] samba security update
2018-11-27 11:35:08
[SECURITY] [DSA 4345-1] samba security update
2018-11-27 11:35:08
ubuntu
ubuntu
Samba vulnerabilities
2018-11-27 00:00:00
Samba vulnerabilities
2018-11-27 00:00:00
mageia
mageia
Updated ldb, talloc, and samba packages fix security vulnerabilities
2019-01-05 21:30:16
altlinux
altlinux
Security fix for the ALT Linux 8 package samba version 4.7.12-alt1
2018-11-29 00:00:00
Security fix for the ALT Linux 8 package samba-DC version 4.7.12-alt1
2018-11-29 00:00:00
Security fix for the ALT Linux 10 package samba version 4.9.3-alt1
2018-11-28 00:00:00
archlinux
archlinux
[ASA-201811-22] samba: multiple issues
2018-11-28 00:00:00
cisa
cisa
Samba Releases Security Updates
2018-11-27 00:00:00
slackware
slackware
[slackware-security] samba
2018-11-29 06:28:25
freebsd
freebsd
samba -- multiple vulnerabilities
2018-08-14 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: samba-4.9.3-0.fc29
2018-12-02 08:28:26
[SECURITY] Fedora 29 Update: samba-4.9.6-0.fc29
2019-04-16 04:05:09
[SECURITY] Fedora 29 Update: samba-4.9.8-0.fc29
2019-05-18 03:21:47
gentoo
gentoo
Samba: Multiple vulnerabilities
2020-03-25 00:00:00