CVE-2018-16852 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	Yes
Type	Denial of service
Description	A NULL pointer de-reference issue has been found in samba from 4.9.0 up to and including 4.9.2, where a user able to create or modify dnsZone objects can crash the Samba AD DC's DNS management RPC server, DNS server or BIND9 when using Samba's DLZ plugin

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-823	samba	4.9.2-1	4.9.3-1	High	Fixed

Date	Advisory	Group	Package	Severity	Type
28 Nov 2018	ASA-201811-22	AVG-823	samba	High	multiple issues

References
https://www.samba.org/samba/security/CVE-2018-16852.html https://bugzilla.samba.org/show_bug.cgi?id=13669 https://github.com/samba-team/samba/commit/05f867db81f118215445f2c49eda4b9c3451d14a https://github.com/samba-team/samba/commit/c78ca8b9b48a19e71f4d6ddd2e300f282fb0b247

References

https://www.samba.org/samba/security/CVE-2018-16852.html
https://bugzilla.samba.org/show_bug.cgi?id=13669
https://github.com/samba-team/samba/commit/05f867db81f118215445f2c49eda4b9c3451d14a
https://github.com/samba-team/samba/commit/c78ca8b9b48a19e71f4d6ddd2e300f282fb0b247