A flaw was found in Samba versions from 4.0.0. During the processing of an LDAP search before Samba's AD DC returns the LDAP entries to the client, the entries are cached in a single memory object with a maximum size of 256MB. When this size is reached, the Samba process providing the LDAP service will follow the NULL pointer, terminating the process. This can lead to a denial of service attack.
Name: Garming Sam (Samba Team and Catalyst)
Created samba tracking bugs for this issue:
Affects: fedora-all [bug 1654091]
This flaw does not affect the version of samba shipped with Red Hat Enterprise Linux because there is no support for samba as Active Directory Domain Controller.