CVE Vulnerabilities

CVE-2015-7540

Published: Dec 29, 2015 | Modified: Nov 07, 2023
CVSS 3.x: 7.5 HIGH | Source: NVD | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 2.x: 5 MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2: 4.3 MODERATE | AV:N/AC:M/Au:N/C:N/I:N/A:P
RedHat/V3:
Ubuntu: MEDIUM

The LDAP server in the AD domain controller in Samba 4.x before 4.1.22 does not check return values to ensure successful ASN.1 memory allocation, which allows remote attackers to cause a denial of service (memory consumption and daemon crash) via crafted packets.

Affected Software

Name | Vendor | Start Version | End Version
Samba | Samba | 4.0.0 (including) | 4.1.22 (excluding)
Red Hat Enterprise Linux 6 | RedHat | samba4-0:4.0.0-67.el6_7.rc4 | *
Red Hat Enterprise Linux 7 | RedHat | samba-0:4.2.3-10.el7 | *
Red Hat Gluster Storage 3.1 for RHEL 6 | RedHat | samba-0:4.1.17-16.el6rhs | *
Samba | Ubuntu | devel | *
Samba | Ubuntu | trusty | *
Samba | Ubuntu | upstream | *
Samba | Ubuntu | vivid | *
Samba | Ubuntu | wily | *
Samba | Ubuntu | xenial | *
Samba | Ubuntu | yakkety | *
Samba | Ubuntu | zesty | *
Samba4 | Ubuntu | precise | *
Samba4 | Ubuntu | upstream | *

References