All versions of Samba from 4.0.0 to 4.3.2 inclusive (resp. all
ldb versions up to 1.1.23 inclusive) are vulnerable to
a denial of service attack in the samba daemon LDAP server.
A malicious client can send packets that cause the LDAP server in the
samba daemon process to become unresponsive, preventing the server
from servicing any other requests.
This flaw is not exploitable beyond causing the code to loop expending
CPU resources.
Patches addressing this defect have been posted to
https://www.samba.org/samba/history/security.html
Additionally, Samba 4.3.3, 4.2.7 and 4.1.22 (resp. ldb 1.1.24)
have been issued as security releases to correct the defect.
Samba vendors and administrators running affected versions are
advised to upgrade or apply the patch as soon as possible.
None.
This problem was found by Thilo Uttendorfer of Linux Information
Systems AG. The fix was created by Jeremy Allison of Google.