As per upstream advisory:
Samba 4.5 and later implements VLV - Virtual List View, and Samba 4.10 and later reimplemented the paged_results control using similar code.
This code is more memory-efficient, storing only a pointer to the object, not the returned object. However, this means parts of the original request must be retained.
When these controls are used by a client that connects to the Global Catalog server, these modules failed to correctly retain the control data along with the request, causing a use-after-free and an abort when this is detected by the talloc library.
NOTE WELL: Unsupported Samba versions before Samba 4.7 use a single process for the LDAP servers.
All versions of Samba after Samba 4.11 use the 'prefork' process model to create a shared connection pool. Crashing servers are restarted, but service is disrupted.
Name: the Samba project
Upstream: Andrei Popa
This flaw does not affect the version of Samba shipped with Red Hat Enterprise Linux and Red Hat Gluster Storage 3 because there is no support for Samba as an Active Directory Domain Controller.
Created samba tracking bugs for this issue:
Affects: fedora-all [bug 1853276]
Upstream patch: https://github.com/samba-team/samba/commit/32c333def9ad5a1c67abee320cf5f3c4f2cb1e5c
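The lifetime problem the advisory describes, as an added example that is not Samba's code or the upstream patch: a simplified model in which saved paging state either keeps a pointer to control data owned by the request or copies it into memory the store owns. The toy allocator, owner ids and all function names are hypothetical, and copying is just one way to retain the data.

```c
#include <stdio.h>
#define MAGIC_LIVE 0xA110C8EDu
#define MAGIC_FREE 0xDEADBEEFu

/* Toy allocator (hypothetical): chunks sit in a static pool so a stale
 * pointer can be inspected safely. talloc checks a header magic in a
 * comparable way when a pointer is handed back to it, and aborts. */
struct chunk { unsigned magic; int owner; char data[32]; };
static struct chunk pool[8];
static int used;

static struct chunk *ctx_alloc(int owner, const char *s) {
    struct chunk *c = &pool[used++];
    c->magic = MAGIC_LIVE;
    c->owner = owner;
    snprintf(c->data, sizeof c->data, "%s", s);
    return c;
}
static void ctx_free(int owner) {   /* release everything this owner holds */
    for (int i = 0; i < used; i++)
        if (pool[i].owner == owner) pool[i].magic = MAGIC_FREE;
}
static int chunk_live(const struct chunk *c) { return c->magic == MAGIC_LIVE; }

enum { OWNER_REQUEST = 1, OWNER_STORE = 2 };
/* Paging state kept between a client's successive page requests. */
struct paged_store { struct chunk *control; };

/* Flawed pattern: remember a pointer into the request's memory. */
static void store_save_by_pointer(struct paged_store *st, struct chunk *ctrl) {
    st->control = ctrl;
}
/* Retaining pattern: copy the control data into store-owned memory. */
static void store_save_by_copy(struct paged_store *st, struct chunk *ctrl) {
    st->control = ctx_alloc(OWNER_STORE, ctrl->data);
}
/* Returns 1 if the saved control is still valid once the first request ends. */
static int next_page_ok(int use_copy) {
    struct paged_store st;
    used = 0;
    struct chunk *ctrl = ctx_alloc(OWNER_REQUEST, "constructed paging cookie");
    if (use_copy) store_save_by_copy(&st, ctrl);
    else store_save_by_pointer(&st, ctrl);
    ctx_free(OWNER_REQUEST);        /* first request completes and is freed */
    return chunk_live(st.control);  /* 0 is the use-after-free condition */
}
int main(void) {
    printf("pointer only: %s\n", next_page_ok(0) ? "ok" : "stale (use-after-free)");
    printf("copied:       %s\n", next_page_ok(1) ? "ok" : "stale (use-after-free)");
    return 0;
}
```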