The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 90.7%.
RCE
Enterprise Linux
Samba
Suse Linux Enterprise Desktop
Suse Linux Enterprise Server
+2
NVD
Exploit-DB
CVSS 2.0
10.0
EPSS
90.7%
Threat
6.2