A flaw was found in Samba 4.0.0 before 4.9.15 and Samba 4.10.x before 4.10.10. An attacker can crash the AD DC LDAP server via dirsync, resulting in denial of service. Privilege escalation is not possible with this issue.
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14847
https://www.samba.org/samba/security/CVE-2019-14847.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00015.html
https://www.synology.com/security/advisory/Synology_SA_19_35
https://lists.debian.org/debian-lts-announce/2021/05/msg00023.html
Source: MITRE
Published: 2019-11-06
Updated: 2021-05-29
Type: CWE-476
CVSS v2
Base Score: 4
Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P
Impact Score: 2.9
Exploitability Score: 8
Severity: MEDIUM
CVSS v3.1
Base Score: 4.9
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Impact Score: 3.6
Exploitability Score: 1.2
Severity: MEDIUM