It was found that Samba versions from 4.0.0 to 4.10.0 are vulnerable. An attacker can crash the AD DC LDAP server via dirsync, resulting in denial of service; privilege escalation is not possible with this issue.
Upstream bug: https://bugzilla.samba.org/show_bug.cgi?id=14040
This flaw does not affect the version of samba shipped with Red Hat Enterprise Linux because there is no support for samba as Active Directory Domain Controller.
Name: the Samba project
Upstream: Adam Xu
Created samba tracking bugs for this issue:
Affects: fedora-all [bug 1766847]
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
By default, the supported versions of Samba impacted by this issue run using the "standard" process model, which is unaffected. This is controlled by the -M or --model parameter to the samba binary. Unsupported Samba versions before Samba 4.7 use a single process for the LDAP server, and so are impacted. Samba 4.8, 4.9, and 4.10 are impacted if -M prefork or -M single is used. To mitigate this issue, select -M standard (the default).
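The mitigation rules above can be applied mechanically to a host's Samba version and the arguments its `samba` daemon was started with. The following is an added example, not code from the Samba project or from this bug report; the function names `samba_model` and `classify`, the result labels, and the sample inputs are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: apply the mitigation text's process-model rules to one
# Samba AD DC. Patch releases are not distinguished, because the page
# lists no fixed versions.

# Print the process model selected by a samba argument list.
# With no -M/--model argument, samba uses "standard" (per the page).
samba_model() {
    model=standard prev=
    for arg in "$@"; do
        case "$arg" in
            --model=*) model=${arg#--model=} ;;
            -M?*)      model=${arg#-M} ;;
            *)         case "$prev" in -M|--model) model=$arg ;; esac ;;
        esac
        prev=$arg
    done
    printf '%s\n' "$model"
}

# classify VERSION [samba arguments...]
classify() {
    version=$1; shift
    case "$version" in
        [0-9]*.[0-9]*) ;;
        *) echo unparsed; return ;;
    esac
    major=${version%%.*}
    rest=${version#*.}
    minor=${rest%%.*}
    case "$minor" in *[!0-9]*) echo unparsed; return ;; esac
    if [ "$major" != 4 ] || [ "$minor" -gt 10 ]; then
        echo outside-range          # page covers 4.0.0 to 4.10.0 only
    elif [ "$minor" -lt 7 ]; then
        echo impacted               # single-process LDAP server, any model
    elif [ "$minor" -eq 7 ]; then
        echo unstated               # page gives no rule for 4.7
    else
        case "$(samba_model "$@")" in
            prefork|single) echo impacted ;;
            standard)       echo unaffected ;;
            *)              echo unknown-model ;;
        esac
    fi
}

# Constructed sample inputs (not taken from the page).
classify 4.9.4 -D
classify 4.9.4 -D -M prefork
classify 4.6.2 -D --model=standard
```

A result of `impacted` on 4.8, 4.9, or 4.10 means the daemon should be restarted with `-M standard`, or with no model argument at all.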