Vulnerability CVE-2020-14303: Information

Description

A flaw was found in the AD DC NBT server in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4. A samba user could send an empty UDP packet to cause the samba server to crash.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2020-14303
Published: July 6, 2020
Modified: Nov. 7, 2023
Error type identifier: CWE-834

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
sambasisyphus4.11.11-alt14.19.6-alt1ALT-PU-2020-2444-1254607Fixed
sambap104.11.11-alt14.19.6-alt1ALT-PU-2020-2444-1254607Fixed
sambap94.11.11-alt14.14.10-alt2ALT-PU-2020-2476-1255267Fixed
sambac10f14.11.11-alt14.16.11-alt2ALT-PU-2020-2444-1254607Fixed
sambac9f24.11.11-alt14.14.14-alt0.c9.1ALT-PU-2020-2476-1255267Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://www.samba.org/samba/security/CVE-2020-14303.html
  • Vendor Advisory
https://security.netapp.com/advisory/ntap-20200709-0003/
  • Third Party Advisory
openSUSE-SU-2020:0984
  • Mailing List
  • Third Party Advisory
openSUSE-SU-2020:1023
  • Mailing List
  • Third Party Advisory
GLSA-202007-15
  • Third Party Advisory
USN-4454-2
  • Third Party Advisory
USN-4454-1
  • Third Party Advisory
openSUSE-SU-2020:1313
  • Mailing List
  • Third Party Advisory
[debian-lts-announce] 20201123 [SECURITY] [DLA 2463-1] samba security update
  • Mailing List
  • Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1851298%3B
    FEDORA-2020-5131d30947

        1. Configuration 1

          cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
          Start including
          4.12.0
          End excliding
          4.12.4
          cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
          Start including
          4.11.0
          End excliding
          4.11.11
          cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
          Start including
          4.10.0
          End excliding
          4.10.17

          Configuration 2

          cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*

          Configuration 3

          cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
          cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*

          Configuration 4

          cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

          Configuration 5

          cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
          cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
          cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
          cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
          cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
      VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
      Version: v24.4.2
      Back to top