CVE-2020-27840
HIGH7.5EPSS 14.5%ldb - security update
發布日:2021/5/12修改日:2026/4/28
描述
A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability.
受影響套件(4)
- Alpine/sambafrom 0, < 4.12.14-r0
- Debian/ldbfrom 0, < 2:2.2.0-3.1
- Debian/ldbfrom 0, < 2:1.1.27-1+deb9u2
- Debian/sambafrom 0
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |