]> git.ipfire.org Git - thirdparty/samba.git/commit
projects / thirdparty / samba.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c300a85) | patch
CVE-2020-14323 winbind: Fix invalid lookupsids DoS
authorVolker Lendecke <vl@samba.org>
Thu, 9 Jul 2020 19:49:25 +0000 (21:49 +0200)
committerKarolin Seeger <kseeger@samba.org>
Mon, 26 Oct 2020 13:59:48 +0000 (14:59 +0100)
commite6fe5b4d64a8e1a03e1aaebafd97f313b3c94342
tree18fa88469c3afc83333ffcc3c20c45f9c08a20c2tree
parentc300a85848350635e7ddd8129b31c4d439dc0f8acommit | diff
CVE-2020-14323 winbind: Fix invalid lookupsids DoS

A lookupsids request without extra_data will lead to "state->domain==NULL",
which makes winbindd_lookupsids_recv trying to dereference it.

Reported by Bas Alberts of the GitHub Security Lab Team as GHSL-2020-134

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14436
Signed-off-by: Volker Lendecke <vl@samba.org>
source3/winbindd/winbindd_lookupsids.c diff | blob | blame | history
Mirror of https://github.com/samba-team/samba.git