CVE-2020-10745

Name
CVE-2020-10745
Description
A flaw was found in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4 in the way it processed NetBIOS over TCP/IP. This flaw allows a remote attacker to cause the Samba server to consume excessive CPU, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
NVD Severity
medium

References

| Type | URI |
| --- | --- |
| Issue Tracking | https://bugzilla.redhat.com/show_bug.cgi?id=1849491 |
| Vendor Advisory | https://www.samba.org/samba/security/CVE-2020-10745.html |
| Mailing List | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6YLNQ5GRXUKYRUAOFZ4DUBVN4SMTL6Q2/ |
| Mailing List | http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00030.html |
| Mailing List | http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00054.html |
| GENTOO | https://security.gentoo.org/glsa/202007-15 |
| SUSE | http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00002.html |
| MLIST | https://lists.debian.org/debian-lts-announce/2020/11/msg00041.html |

Match rules

| CPE URI | Source package | Min version | Max version |
| --- | --- | --- | --- |
| cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:* | samba | >= 4.0.0 | < 4.10.17 |
| cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:* | samba | >= 4.11.0 | < 4.11.11 |
| cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:* | samba | >= 4.12.0 | < 4.12.4 |

Vulnerable and fixed packages

Source package Branch Version Maintainer Status