A flaw was found in Samba from 4.3.0 versions. When configured to accept smart-card authentication, Samba's KDC will call talloc_free() twice on the same memory if the principal in a validly signed certificate does not match the principal in the AS-REQ. This is only possible after authentication with a trusted certificate. This could result in a Denial of Service attack.
Created samba tracking bugs for this issue:
Affects: fedora-all [bug 1654082]
Name: The Samba Team
Upstream: Alex MacCuish
This flaw does not affect the version of samba shipped with Red Hat Enterprise Linux because there is no support for samba as Active Directory Domain Controller.