VDB
GCVE-VVD-MAGEIA-2020-58
GCVE-VVD-MAGEIA-2020-58
Advisory Published
The implementation of ACL inheritance in the Samba AD DC was not
complete, and so absent a 'full-sync' replication, ACLs could get out of
sync between domain controllers (CVE-2019-14902).
When processing untrusted string input Samba can read past the end of
the allocated buffer when printing a "Conversion error" message to the
logs. This can cause a crash after the failed character conversion when
operating at log level 3 or above (CVE-2019-14907).
During DNS zone scavenging (of expired dynamic entries) in a Samba AD
DC, there is a read of memory after it has been freed (CVE-2019-19344).
Note that manual intervention is required to fully implement the fix
for CVE-2019-14902. See the upstream advisory for details.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | calibre | 0 (affected), 3.42.0-3.1.mga7 (unaffected) | — |
| Mageia | samba | 0 (affected), 4.10.12-1.mga7 (unaffected), 0 (affected), 4.10.12-1.mga7 (unaffected) | — |
References
Browse GCVE Records
100 records in the GCVE database · Updated April 16, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.