CVE-2021-3670

NameCVE-2021-3670
DescriptionMaxQueryDuration not honoured in Samba AD DC LDAP
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
ldb (PTS)bullseye (security), bullseye2:2.2.3-2~deb11u2fixed
samba (PTS)bullseye (security), bullseye2:4.13.13+dfsg-1~deb11u6vulnerable
bookworm, bookworm (security)2:4.17.12+dfsg-0+deb12u1fixed
trixie2:4.21.2+dfsg-3fixed
sid2:4.21.2+dfsg-4fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
ldbsource(unstable)2:2.2.3-1
sambasource(unstable)2:4.16.0+dfsg-2

Notes

[buster] - ldb <no-dsa> (Minor issue)
[stretch] - ldb <no-dsa> (Minor issue)
[bullseye] - samba <ignored> (Domain controller functionality is EOLed, see DSA DSA-5477-1)
[buster] - samba <ignored> (Minor issue; affects Samba as AD DC; cf DSA 5015-1)
https://bugzilla.redhat.com/show_bug.cgi?id=2077533
https://bugzilla.samba.org/show_bug.cgi?id=14694
https://gitlab.com/samba-team/samba/-/commit/dcfcafdbf756e12d9077ad7920eea25478c29f81
https://gitlab.com/samba-team/samba/-/commit/86fe9d48883f87c928bf31ccbd275db420386803
https://gitlab.com/samba-team/samba/-/commit/e1ab0c43629686d1d2c0b0b2bcdc90057a792049
ldb: https://gitlab.com/samba-team/samba/-/commit/1d5b155619bc532c46932965b215bd73a920e56f
https://gitlab.com/samba-team/samba/-/commit/2b3af3b560c9617a233c131376c870fce146c002
https://gitlab.com/samba-team/samba/-/commit/5f0590362c5c0c5ee20503a67467f9be2d50e73b
https://gitlab.com/samba-team/samba/-/commit/3507e96b3dcf0c0b8eff7b2c08ffccaf0812a393
Fixed in ldb 2.5.0, 2.4.2 and 2.3.3

Search for package or bug name: Reporting problems