CVE-2019-14847 log

Source
Severity Low
Remote Yes
Type Denial of service
Description
A denial of service has been found in Samba before 4.10.10, where users with the "get changes" extended access right can crash the AD DC LDAP server by requesting an attribute using the range= syntax.
By default, the supported versions of Samba impacted by this issue run using the "standard" process model, which is unaffected. This is controlled by the -M or --model parameter to the samba binary. Unsupported Samba versions before Samba 4.7 use a single process for the LDAP server, and so are impacted. Samba 4.8, 4.9 and 4.10 are impacted if -M prefork or -M single is used. To mitigate this issue, select -M standard (the default).
Group Package Affected Fixed Severity Status Ticket
AVG-1057 samba 4.10.8-2 4.10.10-1 Medium Fixed
Date Advisory Group Package Severity Type
03 Nov 2019 ASA-201911-6 AVG-1057 samba Medium multiple issues
References
https://www.samba.org/samba/security/CVE-2019-14847.html
https://download.samba.org/pub/samba/patches/security/samba-4.10.9-security-2019-10-29.patch
Notes
Setting to low since it requires an authenticated user with special rights AND a non-default setting.