As per upstream advisory: The dnsserver RPC pipe provides administrative facilities to modify DNS records and zones which allows an authenticated user to crash the RPC server process via a NULL pointer de-reference. This issue affects Samba 4.0 and later. There is no further vulnerability associated with this issue, merely a denial of service.
Acknowledgments: Name: The samba project
Mitigation: The dnsserver task can be stopped by setting 'dcerpc endpoint servers = -dnsserver' in the smb.conf and restarting Samba.
Upstream bug: https://bugzilla.samba.org/show_bug.cgi?id=13922
External References: https://www.samba.org/samba/security/CVE-2019-12435.html
Created samba tracking bugs for this issue: Affects: fedora-all [bug 1721872]
Statement: This issue did not affect the version of samba as shipped with 'Red Hat Gluster Storage 3' as they did not include support for Active Directory Domain Controller.