CVE-2018-14629

Source
Severity Medium
Remote Yes
Type Denial of service
Description
A denial of service security issue has been found in samba from 4.0.0 up to and including 4.9.2, where an unprivileged user can use the ldbadd tool to add DNS records to create a CNAME loop, causing infinite query recursion.
Group Package Affected Fixed Severity Status Ticket
AVG-823 samba 4.9.2-1 4.9.3-1 High Fixed
Date Advisory Group Package Severity Description
28 Nov 2018 ASA-201811-22 AVG-823 samba High multiple issues
References
https://www.samba.org/samba/security/CVE-2018-14629.html
https://bugzilla.samba.org/show_bug.cgi?id=13600
https://github.com/samba-team/samba/commit/bf596c14c2462b9a15ea738ef4f32b3abb8b63d1