What the vulnerability does

01Description

A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). An authenticated user could use this flaw to crash the samba server.

Key dates

02Disclosure timeline

October 12, 2021 CVE published
August 3, 2024 Record updated