| Name | CVE-2021-3670 |
| Description | MaxQueryDuration not honoured in Samba AD DC LDAP |
| Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
The table below lists information on source packages.
| Source Package | Release | Version | Status |
|---|---|---|---|
| ldb (PTS) | jessie, jessie (lts) | 2:1.1.20-0+deb8u3 | vulnerable |
| stretch (security), stretch (lts), stretch | 2:1.1.27-1+deb9u2 | vulnerable | |
| buster, buster (security) | 2:1.5.1+really1.4.6-3+deb10u1 | vulnerable | |
| bullseye (security), bullseye | 2:2.2.3-2~deb11u2 | fixed | |
| samba (PTS) | jessie, jessie (lts) | 2:4.2.14+dfsg-0+deb8u15 | vulnerable |
| stretch (security), stretch (lts), stretch | 2:4.5.16+dfsg-1+deb9u4 | vulnerable | |
| buster | 2:4.9.5+dfsg-5+deb10u3 | vulnerable | |
| buster (security) | 2:4.9.5+dfsg-5+deb10u5 | vulnerable | |
| bullseye | 2:4.13.13+dfsg-1~deb11u5 | vulnerable | |
| bullseye (security) | 2:4.13.13+dfsg-1~deb11u6 | vulnerable | |
| bookworm (security), bookworm | 2:4.17.12+dfsg-0+deb12u1 | fixed | |
| trixie | 2:4.19.5+dfsg-1 | fixed | |
| sid | 2:4.19.6+dfsg-1 | fixed |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| ldb | source | (unstable) | 2:2.2.3-1 | |||
| samba | source | (unstable) | 2:4.16.0+dfsg-2 |
[buster] - ldb <no-dsa> (Minor issue)
[stretch] - ldb <no-dsa> (Minor issue)
[bullseye] - samba <ignored> (Domain controller functionality is EOLed, see DSA DSA-5477-1)
[buster] - samba <ignored> (Minor issue; affects Samba as AD DC; cf DSA 5015-1)
https://bugzilla.redhat.com/show_bug.cgi?id=2077533
https://bugzilla.samba.org/show_bug.cgi?id=14694
https://gitlab.com/samba-team/samba/-/commit/dcfcafdbf756e12d9077ad7920eea25478c29f81
https://gitlab.com/samba-team/samba/-/commit/86fe9d48883f87c928bf31ccbd275db420386803
https://gitlab.com/samba-team/samba/-/commit/e1ab0c43629686d1d2c0b0b2bcdc90057a792049
ldb: https://gitlab.com/samba-team/samba/-/commit/1d5b155619bc532c46932965b215bd73a920e56f
https://gitlab.com/samba-team/samba/-/commit/2b3af3b560c9617a233c131376c870fce146c002
https://gitlab.com/samba-team/samba/-/commit/5f0590362c5c0c5ee20503a67467f9be2d50e73b
https://gitlab.com/samba-team/samba/-/commit/3507e96b3dcf0c0b8eff7b2c08ffccaf0812a393
Fixed in ldb 2.5.0, 2.4.2 and 2.3.3
[jessie] - ldb <ignored> (Minor issue)
[stretch] - samba <ignored> (Minor issue; affects Samba as AD DC; EOLed)
[jessie] - samba <ignored> (Minor issue; affects Samba as AD DC; EOLed)