===========================================================
== Subject:     Denial of service in Samba Active Directory
==              server.
==
== CVE ID#:     CVE-2015-3223
==
== Versions:    Samba 4.0.0 to 4.3.2
==
== Summary:     Malicious request can cause Samba LDAP server
==              to hang, spinning using CPU.
==
===========================================================

===========
Description
===========

All versions of Samba from 4.0.0 to 4.3.2 inclusive (resp. all ldb
versions up to 1.1.23 inclusive) are vulnerable to a denial of
service attack in the samba daemon LDAP server.

A malicious client can send packets that cause the LDAP server in
the samba daemon process to become unresponsive, preventing the
server from servicing any other requests.

This flaw is not exploitable beyond causing the code to loop
expending CPU resources.

==================
Patch Availability
==================

Patches addressing this defect have been posted to

    https://www.samba.org/samba/history/security.html

Additionally, Samba 4.3.3, 4.2.7 and 4.1.22 (resp. ldb 1.1.24) have
been issued as security releases to correct the defect. Samba vendors
and administrators running affected versions are advised to upgrade
or apply the patch as soon as possible.

==========
Workaround
==========

None.

=======
Credits
=======

This problem was found by Thilo Uttendorfer of Linux Information
Systems AG. The fix was created by Jeremy Allison of Google.
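As an added administrator's check (not part of the advisory or of Samba itself), the script below maps a reported Samba or ldb version string onto the affected range and the fixed releases listed above. It assumes `samba --version` is on PATH when run directly; version strings carrying a distribution suffix such as `4.3.2-Ubuntu` are accepted, but a vendor package may have backported the fix without bumping the version, so a "vulnerable" result for such a package should be confirmed against the vendor's own changelog.

```python
import re
import subprocess
from typing import Optional, Tuple

# Ranges exactly as stated in the advisory: Samba 4.0.0 .. 4.3.2 affected,
# with 4.1.22, 4.2.7 and 4.3.3 as the first fixed releases on each branch;
# ldb up to 1.1.23 affected, 1.1.24 fixed. No fixed 4.0.x release is listed.
SAMBA_FIRST_FIXED = {1: 22, 2: 7, 3: 3}   # 4.<minor> -> first fixed patch level
LDB_FIRST_FIXED = (1, 1, 24)


def parse_version(text: str) -> Optional[Tuple[int, int, int]]:
    """Pull (major, minor, patch) out of output such as 'Version 4.3.2-Ubuntu'."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        return None
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def samba_vulnerable(version: str) -> Optional[bool]:
    """True if the Samba version falls in 4.0.0 .. 4.3.2 and predates its branch fix."""
    v = parse_version(version)
    if v is None:
        return None                      # unparsable: caller must inspect by hand
    major, minor, patch = v
    if major != 4:
        return False                     # 3.x has no AD DC LDAP server; 5.x is out of range
    if minor == 0:
        return True                      # every 4.0.x release is inside the affected range
    if minor in SAMBA_FIRST_FIXED:
        return patch < SAMBA_FIRST_FIXED[minor]
    return False                         # 4.4 and later are outside the advisory's range


def ldb_vulnerable(version: str) -> Optional[bool]:
    """True for any ldb release up to and including 1.1.23."""
    v = parse_version(version)
    return None if v is None else v < LDB_FIRST_FIXED


if __name__ == "__main__":
    # Query the locally installed AD DC binary (assumed to be on PATH).
    out = subprocess.run(["samba", "--version"], capture_output=True, text=True).stdout
    print(out.strip(), "->", "VULNERABLE to CVE-2015-3223" if samba_vulnerable(out) else "not affected")
```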