4.9.18

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-18	CVE-2020-25719	Race Condition vulnerability in multiple products A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. network low complexity samba debian fedoraproject canonical redhat CWE-362	7.2
2022-02-18	CVE-2020-25722	Incorrect Authorization vulnerability in multiple products Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data. network low complexity samba debian fedoraproject canonical CWE-863	8.8
2022-01-11	CVE-2021-43566	Race Condition vulnerability in Samba All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. local high complexity samba CWE-362	2.5
2021-10-12	CVE-2021-3671	NULL Pointer Dereference vulnerability in multiple products A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). network low complexity samba debian netapp CWE-476	6.5
2021-05-12	CVE-2020-27840	Out-of-bounds Read vulnerability in multiple products A flaw was found in samba. network low complexity samba debian fedoraproject CWE-125	7.5
2021-05-12	CVE-2021-20277	Out-of-bounds Write vulnerability in multiple products A flaw was found in Samba's libldb. network low complexity samba debian fedoraproject CWE-787	7.5
2021-05-05	CVE-2021-20254	Out-of-bounds Read vulnerability in multiple products A flaw was found in samba. network high complexity samba fedoraproject redhat debian CWE-125	6.8
2020-12-03	CVE-2020-14318	Incorrect Privilege Assignment vulnerability in multiple products A flaw was found in the way samba handled file and directory permissions. network low complexity samba redhat CWE-266	4.3
2020-12-02	CVE-2020-14383	A flaw was found in samba's DNS server. network low complexity samba redhat	6.5
2020-11-11	CVE-2020-17049	Incorrect Authorization vulnerability in multiple products <p>A security feature bypass vulnerability exists in the way Key Distribution Center (KDC) determines if a service ticket can be used for delegation via Kerberos Constrained Delegation (KCD).</p> <p>To exploit the vulnerability, a compromised service that is configured to use KCD could tamper with a service ticket that is not valid for delegation to force the KDC to accept it.</p> <p>The update addresses this vulnerability by changing how the KDC validates service tickets used with KCD.</p> network high complexity microsoft samba CWE-863	6.6