SB2017120746 - Memory leak in samba (Alpine package)
Published: December 7, 2017
Security Bulletin ID
SB2017120746
Severity
Medium
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Adjecent network
Highest impact
Information disclosure
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Memory leak (CVE-ID: CVE-2017-15275)
The vulnerability allows a remote attacker to access potentially sensitive information.The vulnerability exists due to uncleared heap memory is sent to the client. A remote attacker can obtain potentially sensitive information and use it in further attacks.
Remediation
Install update from vendor's website.
References
- https://git.alpinelinux.org/aports/commit/?id=6245a2ceb9dc360ca5f8beb4419ea14952923a37
- https://git.alpinelinux.org/aports/commit/?id=009040103407533ea980becb5012c7d386900453
- https://git.alpinelinux.org/aports/commit/?id=9bc23b7dcfc97e7686a3bf86040af5b192e3cd52
- https://git.alpinelinux.org/aports/commit/?id=8b1320cfb5bc14ab3b588a3fb25b4b80d6f4fb39