Risk | Low |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2019-14861 |
CWE-ID | CWE-823 |
Exploitation vector | Local network |
Public exploit | N/A |
Vulnerable software Subscribe |
samba (Alpine package) Operating systems & Components / Operating system package or component |
Vendor | Alpine Linux Development Team |
Security Bulletin
This security bulletin contains one low risk vulnerability.
EUVDB-ID: #VU23507
Risk: Low
CVSSv3.1: 3.1 [CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-14861
CWE-ID:
CWE-823 - Use of Out-of-range Pointer Offset
Exploit availability: No
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an error when processing DNS records in ldb_qsort() and dns_name_compare() function within the dnsserver RPC pipe. A remote authenticated user can register a zone with an existing name but in different register and force Samba to read memory prior to the list of DNS entries when responding to DnssrvEnumRecords() or DnssrvEnumRecords2() calls. This will trigger Samba to follow invalid memory as a pointer and lead to DoS of the DNS management server.
Install update from vendor's website.
Vulnerable software versionssamba (Alpine package): 4.1.1-r0 - 4.10.10-r0
CPE2.3http://git.alpinelinux.org/aports/commit/?id=fddd8a3d858001f0e0d27c7fd9e1ffddf8ccdd2e
http://git.alpinelinux.org/aports/commit/?id=9739986c1e03ef958ef47887b03d03d06e6559e3
http://git.alpinelinux.org/aports/commit/?id=dd552b01b186a01114fb8d877ba15cf1895f0121
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.