A flaw was found in the way an authenticated user with read permission on the LDAP server could crash the shared LDAP server process of the Samba AD DC, by using specially crafted search expressions like "cn=test*multi*test*multi" Note that in Samba 4.7 and later, the default is not to have a shared LDAP process, unless -M prefork or -M single is specified on the command line to 'samba'.
Acknowledgments: Name: the Samba project
Statement: The versions of samba packages shipped with Red Hat Enterprise Linux 5, 6, and 7 do not support Active Directory Domain Controller mode, therefore are not affected by this flaw. This issue did not affect the version of samba as shipped with 'Red Hat Gluster Storage 3' as they did not include support for Active Directory Domain Controller.
Created samba tracking bugs for this issue: Affects: fedora-all [bug 1683909]
Upstream patches: https://git.samba.org/?p=samba.git;a=commit;h=de3bb5cd5236565f2b79644d99e55d03b254b65e https://git.samba.org/?p=samba.git;a=commit;h=45b75db50f5c1a7c8c38af59a62fccee5401c845 https://git.samba.org/?p=samba.git;a=commit;h=42f0f57eb819ce6b68a8c5b3b53123b83ec917e3 https://git.samba.org/?p=samba.git;a=commit;h=34383981a0c40860f71a4451ff8fd752e1b67666 https://git.samba.org/?p=samba.git;a=commit;h=8d34d172092f71baad0d777567e49aebfa07313d https://git.samba.org/?p=samba.git;a=commit;h=9427806f7298d71bd7edfbdda7506ec63f15dda1 https://git.samba.org/?p=samba.git;a=commit;h=745b99fc6b75db33cdb0a58df1a3f2a5063bc76e https://git.samba.org/?p=samba.git;a=commit;h=3674b0891afb016c83763520b87e9f190dcfe884
External References: https://bugzilla.samba.org/show_bug.cgi?id=13773