VDB

ALPINE-CVE-2020-27840

ALPINE-CVE-2020-27840 PUBLISHED CVSS 7.5 HIGH

A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Alpine:v3.14samba3.5.9-r0, 3.5.8-r0, 3.6.11-r0
Alpine:v3.22samba4.7.0-r2, 3.2.10-r0, 0
Alpine:v3.24samba0, 4.0.0
Alpine:v3.17samba3.2.8-r0, 3.2.8-r1, 3.3.4-r0
Alpine:v3.13samba4.6.1-r1, 4.0.0, 0
Alpine:v3.12samba4.0.0, 0, 4.8.8-r0
Alpine:v3.20samba4.6.1-r2, 4.0.0, 0
Alpine:v3.16samba4.5.3-r0, 3.2.10-r0, 3.2.11-r0
Alpine:v3.19samba4.10.2-r0, 4.0.0, 0
Alpine:v3.23samba4.8.7-r0, 0, 3.2.10-r0
Alpine:v3.21samba4.7.6-r0, 0, 3.2.10-r0
Alpine:v3.18samba3.3.5-r0, 3.3.5-r2, 3.3.6-r0
Alpine:v3.15samba3.5.8-r0, 4.8.8-r0, 0

Timeline

  • May 12, 2021 CVE Published
  • Apr 30, 2026 Distribution Patch
  • Jul 8, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›