VDB
ALPINE-CVE-2020-10704
ALPINE-CVE-2020-10704
PUBLISHED
CVSS 7.5 HIGH
A flaw was found when using samba as an Active Directory Domain Controller. Due to the way samba handles certain requests as an Active Directory Domain Controller LDAP server, an unauthorized user can cause a stack overflow leading to a denial of service. The highest threat from this vulnerability is to system availability. This issue affects all samba versions before 4.10.15, before 4.11.8 and before 4.12.2.
Risk Scores
CVSS v3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alpine:v3.17 | samba | 4.8.8-r0, 4.8.7-r0, 4.8.5-r0 |
| Alpine:v3.21 | samba | 4.8.8-r0, 4.8.7-r0, 4.8.5-r0 |
| Alpine:v3.20 | samba | 4.1.3-r1, 4.8.7-r0, 4.8.5-r0 |
| Alpine:v3.18 | samba | 4.8.2-r0, 3.3.7-r2, 0 |
| Alpine:v3.16 | samba | 3.6.6-r0, 0, 3.2.10-r0 |
| Alpine:v3.15 | samba | 4.8.8-r0, 4.8.7-r0, 4.8.5-r0 |
| Alpine:v3.22 | samba | 4.8.8-r0, 0, 3.2.10-r0 |
| Alpine:v3.12 | samba | 3.4.4-r0, 0, 3.2.11-r0 |
| Alpine:v3.23 | samba | 0, 3.2.10-r0, 3.2.11-r0 |
| Alpine:v3.10 | samba | 4.5.4-r0, 0, 3.2.11-r0 |
| Alpine:v3.11 | samba | 4.2.0-r0, 3.2.10-r0, 3.2.11-r0 |
| Alpine:v3.13 | samba | 4.8.8-r0, 4.8.7-r0, 4.8.5-r0 |
| Alpine:v3.19 | samba | 4.8.8-r0, 0, 3.2.10-r0 |
| Alpine:v3.14 | samba | 0, 4.8.8-r0, 4.8.7-r0 |
Timeline
- May 6, 2020 CVE Published
- Dec 3, 2025 CVE Updated
- Apr 30, 2026 Distribution Patch