A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
05 Aug 2022, 16:01
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-787 |
26 May 2021, 19:45
Type | Values Removed | Values Added |
---|---|---|
References | (GENTOO) https://security.gentoo.org/glsa/202105-22 - Third Party Advisory |
26 May 2021, 12:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
20 May 2021, 17:45
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:* |
|
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1941402 - Issue Tracking, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VLZ74IF2N75VQSIHBL4B3P5WKWQCXSRY/ - Mailing List, Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2021/03/msg00036.html - Mailing List, Third Party Advisory | |
References | (DEBIAN) https://www.debian.org/security/2021/dsa-4884 - Third Party Advisory | |
References | (MISC) https://www.samba.org/samba/security/CVE-2021-20277.html - Vendor Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X5J3B6PN5XMXF3OHYBNHDKZ3XFSUGY4L/ - Mailing List, Third Party Advisory | |
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20210326-0007/ - Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXP3ONIY6MB4C5LDZV4YL5KJCES3UX24/ - Mailing List, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
Information
Published : 2021-05-12 14:15
Updated : 2024-02-04 21:47
NVD link : CVE-2021-20277
Mitre link : CVE-2021-20277
CVE.ORG link : CVE-2021-20277
JSON object : View
Products Affected
samba
- samba
debian
- debian_linux
fedoraproject
- fedora