VDB

ALPINE-CVE-2021-20277

ALPINE-CVE-2021-20277 PUBLISHED CVSS 7.5 HIGH

A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability.

Risk Scores

CVSS v3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Alpine:v3.19samba0, 3.2.10-r0, 3.2.11-r0
Alpine:v3.13samba4.7.4-r0, 3.5.9-r0, 3.5.8-r0
Alpine:v3.22samba4.8.8-r0, 4.8.8-r0, 4.8.7-r0
Alpine:v3.16samba4.6.1-r0, 4.6.1-r1, 4.6.1-r2
Alpine:v3.20samba4.1.15-r0, 4.1.2-r0, 3.5.4-r0
Alpine:v3.15samba4.2.7-r0, 3.2.10-r0, 3.2.11-r0
Alpine:v3.12samba3.2.10-r0, 4.8.8-r0, 4.8.7-r0
Alpine:v3.23samba4.12.8-r0, 4.12.7-r0, 4.12.5-r0
Alpine:v3.14samba0, 3.2.11-r0, 3.3.4-r0
Alpine:v3.18samba4.11.2-r1, 4.1.3-r2, 4.1.4-r0
Alpine:v3.21samba0, 3.2.11-r1, 3.2.8-r0
Alpine:v3.17samba0, 4.8.8-r0, 4.8.7-r0

Timeline

  • May 12, 2021 CVE Published
  • Dec 3, 2025 CVE Updated
  • Apr 30, 2026 Distribution Patch

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›