A flaw was found in Sambas libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability.
The product reads data past the end, or before the beginning, of the intended buffer.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Samba | Samba | 4.0.0 (including) | 4.12.13 (excluding) |
Samba | Samba | 4.13.0 (including) | 4.13.6 (excluding) |
Samba | Samba | 4.14.0 (including) | 4.14.1 (excluding) |
Red Hat Enterprise Linux 7 | RedHat | libldb-0:1.5.4-2.el7_9 | * |
Red Hat Enterprise Linux 7.6 Advanced Update Support(Disable again in 2026 - SPRHEL-7118) | RedHat | libldb-0:1.3.4-2.el7_6 | * |
Red Hat Enterprise Linux 7.6 Telco Extended Update Support | RedHat | libldb-0:1.3.4-2.el7_6 | * |
Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions | RedHat | libldb-0:1.3.4-2.el7_6 | * |
Red Hat Enterprise Linux 7.7 Extended Update Support | RedHat | libldb-0:1.4.2-2.el7_7 | * |
Red Hat Enterprise Linux 8 | RedHat | libldb-0:2.1.3-3.el8_3 | * |
Red Hat Enterprise Linux 8.1 Extended Update Support | RedHat | libldb-0:1.5.4-3.el8_1 | * |
Red Hat Enterprise Linux 8.2 Extended Update Support | RedHat | libldb-0:2.0.7-4.el8_2 | * |
Ldb | Ubuntu | bionic | * |
Ldb | Ubuntu | devel | * |
Ldb | Ubuntu | focal | * |
Ldb | Ubuntu | groovy | * |
Ldb | Ubuntu | trusty | * |
Ldb | Ubuntu | trusty/esm | * |
Ldb | Ubuntu | xenial | * |
Samba | Ubuntu | trusty | * |