Use-after-free Vulnerability in Samba Software by Samba Team
CVE-2019-19344
6.5 MEDIUM
What is CVE-2019-19344?
A use-after-free vulnerability exists in all versions of Samba 4.9.x prior to 4.9.18, 4.10.x prior to 4.10.12, and 4.11.x prior to 4.11.5. The flaw arises from a call to realloc() made while other local variables still point to the original buffer, which leaves those variables referencing memory that may already have been freed. An attacker may be able to exploit this, potentially leading to unexpected behavior or remote code execution.
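The bug class described above, shown as an added C example that is not Samba's code: a pointer into a growable array goes stale when an append calls realloc(), and the hardened form carries an index across the growth instead. The `rec`, `rec_list`, `list_append`, `add_child` and `demo_child_count` names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical growable record list; these are not Samba's data structures. */
struct rec { uint32_t id; uint32_t child_count; };
struct rec_list { struct rec *items; size_t len, cap; };

/* Append a record. realloc() may move l->items, freeing the old block.
 * Returns the new record's index, or -1 on failure (list left intact). */
static long list_append(struct rec_list *l, uint32_t id)
{
    if (l->len == l->cap) {
        size_t ncap = l->cap ? l->cap * 2 : 2;
        if (ncap > SIZE_MAX / sizeof(struct rec)) return -1;
        struct rec *tmp = realloc(l->items, ncap * sizeof(struct rec));
        if (tmp == NULL) return -1;   /* old block is still valid and owned */
        l->items = tmp; l->cap = ncap;
    }
    l->items[l->len] = (struct rec){ .id = id, .child_count = 0 };
    return (long)l->len++;
}

/* Vulnerable shape, kept as a comment so it is never compiled:
 *     struct rec *parent = &l->items[parent_idx];
 *     list_append(l, child_id);   // may realloc() and move items
 *     parent->child_count++;      // parent is stale: use after free
 * Hardened form: carry an index across the growth and derive the
 * pointer only after the last call that can reallocate. */
static int add_child(struct rec_list *l, size_t parent_idx, uint32_t child_id)
{
    if (parent_idx >= l->len) return -1;
    if (list_append(l, child_id) < 0) return -1;
    l->items[parent_idx].child_count++;   /* re-derived from current base */
    return 0;
}

/* Constructed input: one parent plus n children, forcing repeated growth. */
static uint32_t demo_child_count(uint32_t n)
{
    struct rec_list l = { NULL, 0, 0 };
    uint32_t count = UINT32_MAX;
    if (list_append(&l, 1000) == 0) {
        for (uint32_t i = 0; i < n; i++)
            if (add_child(&l, 0, i) != 0) break;
        count = l.items[0].child_count;
    }
    free(l.items);
    return count;
}
int main(void) { printf("%u\n", (unsigned)demo_child_count(100)); return 0; }
```

Building the commented-out shape with AddressSanitizer (`-fsanitize=address`) reports the stale write as a heap-use-after-free whenever realloc() moves the block.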
Affected Version(s)
samba: all samba 4.11.x versions before 4.11.5
samba: all samba 4.10.x versions before 4.10.12
samba: all samba 4.9.x versions before 4.9.18