=========================================================== == Subject: Insufficient input validation on client directory == listing in libsmbclient. == == CVE ID#: CVE-2018-10858 == == Versions: Samba 3.2.0 - 4.8.3 (inclusive) == == Summary: A malicious server could return a directory entry == that could corrupt libsmbclient memory. == =========================================================== =========== Description =========== Samba releases 3.2.0 to 4.8.3 (inclusive) contain an error in libsmbclient that could allow a malicious server to overwrite client heap memory by returning an extra long filename in a directory listing. ================== Patch Availability ================== Patches addressing this issue have been posted to: http://www.samba.org/samba/security/ Samba versions 4.6.16, 4.7.9 and 4.8.4 have been released with fixes for this issue. ========== Workaround ========== None ======= Credits ======= This vulnerability was found by Svyatoslav Phirsov and was fixed by Jeremy Allison of Google and the Samba team.