smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of service vulnerability (fd_open_atomic infinite loop with high CPU usage and memory consumption) due to wrongly handling dangling symlinks.
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Samba | Samba | * | 4.4.9 (including) |
| Samba | Samba | 4.5.0 (including) | 4.5.0 (including) |
| Samba | Samba | 4.5.1 (including) | 4.5.1 (including) |
| Samba | Samba | 4.5.2 (including) | 4.5.2 (including) |
| Samba | Samba | 4.5.3 (including) | 4.5.3 (including) |
| Samba | Samba | 4.5.4 (including) | 4.5.4 (including) |
| Samba | Samba | 4.5.5 (including) | 4.5.5 (including) |
| Red Hat Enterprise Linux 7 | RedHat | samba-0:4.6.2-8.el7 | * |
| Red Hat Gluster Storage 3.2 for RHEL 7 | RedHat | samba-0:4.6.3-4.el7rhgs | * |
| Red Hat Gluster Storage 3.3 for RHEL 6 | RedHat | libldb-0:1.1.29-1.el6rhs | * |
| Red Hat Gluster Storage 3.3 for RHEL 6 | RedHat | libtalloc-0:2.1.9-1.el6rhs | * |
| Red Hat Gluster Storage 3.3 for RHEL 6 | RedHat | libtdb-0:1.3.12-1.1.el6rhs | * |
| Red Hat Gluster Storage 3.3 for RHEL 6 | RedHat | libtevent-0:0.9.31-1.el6rhs | * |
| Red Hat Gluster Storage 3.3 for RHEL 6 | RedHat | samba-0:4.6.3-5.el6rhs | * |
| Samba | Ubuntu | trusty | * |
| Samba | Ubuntu | upstream | * |
| Samba | Ubuntu | xenial | * |
| Samba | Ubuntu | yakkety | * |