VDB

CVE-2020-27840

CVE-2020-27840 PUBLISHED

A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability.

EPSS 14.52% · 94.6th percentile

Risk Scores

EPSS Score
14.52%
94.6th percentile

Affected Products

VendorProductVersions
Ubuntu:Pro:14.04:LTSldb1:1.1.16-1ubuntu0.1, 1:1.1.24-0ubuntu0.14.04.1, 1:1.1.24-0ubuntu0.14.04.2
Ubuntu:20.04:LTSldb2:2.0.10-0ubuntu0.20.04.2, 2:2.0.10-0ubuntu0.20.04.1, 2:2.0.8-1ubuntu1
Ubuntu:16.04:LTSldb2:1.1.21-1, 0, 2:1.1.20-2
Ubuntu:18.04:LTSldb0, 2:1.2.3-1ubuntu0.1, 2:1.2.3-1

Timeline

  • Mar 24, 2021 CVE Published
  • May 13, 2021 EPSS Score
  • Sep 15, 2021 EPSS Score
  • Nov 16, 2021 EPSS Score
  • Jan 17, 2022 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • Jul 22, 2022 EPSS Score
  • Sep 22, 2022 EPSS Score
  • Jan 23, 2023 EPSS Score
  • Mar 26, 2023 EPSS Score
  • May 27, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›