MGASA-2018-0424

Advisory lineage Upstream: 2 Downstream: 0

Upstream

CVE-2018-10858 CVE-2018-10919

Published: 30 Oct 2018, 18:01

Last modified:16 Apr 2026, 06:25

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

30 Oct 2018, 18:01

Published

Vulnerability first disclosed

16 Apr 2026, 06:25

Last Modified

Vulnerability information updated

Description

Updated samba packages fix security vulnerabilities Updated samba packages fix security vulnerabilities: A malicious server could return a directory entry that could corrupt libsmbclient memory (CVE-2018-10858). Missing access control checks allow discovery of confidential attribute values via authenticated LDAP search expressions (CVE-2018-10919). The samba package has been updated to version 4.6.16, fixing these issues and other bugs.

Affected Systems

mageia•samba
< 4.6.16-1.mga6

References (8)

https://advisories.mageia.org/MGASA-2018-0424.html
https://bugs.mageia.org/show_bug.cgi?id=23444
https://www.samba.org/samba/security/CVE-2018-10858.html
https://www.samba.org/samba/security/CVE-2018-10919.html
https://www.samba.org/samba/history/samba-4.6.13.html
https://www.samba.org/samba/history/samba-4.6.14.html
https://www.samba.org/samba/history/samba-4.6.15.html
https://www.samba.org/samba/history/samba-4.6.16.html