CVE-2019-12435

2019-06-1908:22:35

redhat.com

access.redhat.com

0.017 Low

EPSS

Percentile

87.9%

JSON

Samba 4.9.x before 4.9.9 and 4.10.x before 4.10.5 has a NULL pointer dereference, leading to Denial of Service. This is related to the AD DC DNS management server (dnsserver) RPC server process.

Mitigation

The dnsserver task can be stopped by setting
'dcerpc endpoint servers = -dnsserver'
in the smb.conf and restarting Samba.

References

bugzilla.redhat.com/show_bug.cgi?id=1711816

nvd.nist.gov/vuln/detail/CVE-2019-12435

CVE-2019-12435

Mitigation

References

Related