CVE-2020-10745

Severity CVSS v4.0:
Pending analysis
Type:
CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
Publication date:
07/07/2020
Last modified:
07/11/2023

Description

A flaw was found in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4 in the way it processed NetBios over TCP/IP. This flaw allows a remote attacker could to cause the Samba server to consume excessive CPU use, resulting in a denial of service. This highest threat from this vulnerability is to system availability.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:* 4.0.0 (including) 4.10.17 (excluding)
cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:* 4.11.0 (including) 4.11.11 (excluding)
cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:* 4.12.0 (including) 4.12.4 (excluding)
cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*