MGASA-2020-0410
Advisory lineage Upstream: 3 Downstream: 0
Published: 10 Nov 2020, 15:20
Last modified:16 Apr 2026, 04:25
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
10 Nov 2020, 15:20
Published
Vulnerability first disclosed
16 Apr 2026, 04:25
Last Modified
Vulnerability information updated
Description
Updated samba packages fix security vulnerabilities Steven French discovered that Samba incorrectly handled ChangeNotify permissions. A remote attacker could possibly use this issue to obtain file name information (CVE-2020-14318). Bas Alberts discovered that Samba incorrectly handled certain winbind requests. A remote attacker could possibly use this issue to cause winbind to crash, resulting in a denial of service (CVE-2020-14323). Francis Brosnan Blázquez discovered that Samba incorrectly handled certain invalid DNS records. A remote attacker could possibly use this issue to cause the DNS server to crash, resulting in a denial of service (CVE-2020-14383).
Affected Systems
- mageia•samba
< 4.10.18-1.1.mga7
References (7)
- https://advisories.mageia.org/MGASA-2020-0410.html
- https://bugs.mageia.org/show_bug.cgi?id=27488
- https://www.samba.org/samba/security/CVE-2020-14318.html
- https://www.samba.org/samba/security/CVE-2020-14323.html
- https://www.samba.org/samba/security/CVE-2020-14383.html
- https://ubuntu.com/security/notices/USN-4611-1
- https://lists.suse.com/pipermail/sle-security-updates/2020-October/007660.html