DEBIAN-CVE-2015-7540

DEBIAN-CVE-2015-7540 PUBLISHED CVSS 7.5 HIGH

The LDAP server in the AD domain controller in Samba 4.x before 4.1.22 does not check return values to ensure successful ASN.1 memory allocation, which allows remote attackers to cause a denial of service (memory consumption and daemon crash) via crafted packets.

Risk Scores

CVSS v3.1

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Debian:12	samba	0, 0, 0
Debian:13	samba	0, 0, 0
Debian:14	samba	0, 0, 0
Debian:11	samba	0, 0, 0

Timeline

Dec 29, 2015 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2015-7540 advisory

Open in Interactive Console →