Alpine: multiple ldb packages, multiple samba packages, pam-winbind: security update to 4.8.7-r0

medium Tenable Cloud Security Plugin ID 424469

Description

There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:

- Samba from version 4.3.0 and before versions 4.7.12, 4.8.7 and 4.9.3 are vulnerable to a denial of
service. When configured to accept smart-card authentication, Samba's KDC will call talloc_free() twice on
the same memory if the principal in a validly signed certificate does not match the principal in the AS-
REQ. This is only possible after authentication with a trusted certificate. talloc is robust against
further corruption from a double-free with talloc_free() and directly calls abort(), terminating the KDC
process. (CVE-2018-16841)

- Samba from version 4.0.0 and before versions 4.7.12, 4.8.7, 4.9.3 is vulnerable to a denial of service.
During the processing of an LDAP search before Samba's AD DC returns the LDAP entries to the client, the
entries are cached in a single memory object with a maximum size of 256MB. When this size is reached, the
Samba process providing the LDAP service will follow the NULL pointer, terminating the process. There is
no further vulnerability associated with this issue, merely a denial of service. (CVE-2018-16851)

- Samba from version 4.7.0 has a vulnerability that allows a user in a Samba AD domain to crash the KDC when
Samba is built in the non-default MIT Kerberos configuration. With this advisory the Samba Team clarify
that the MIT Kerberos build of the Samba AD DC is considered experimental. Therefore the Samba Team will
not issue security patches for this configuration. Additionally, Samba 4.7.12, 4.8.7 and 4.9.3 have been
issued as security releases to prevent building of the AD DC with MIT Kerberos unless --with-experimental-
mit-ad-dc is specified to the configure command. (CVE-2018-16853)

See Also

https://security.alpinelinux.org/vuln/CVE-2018-16841

https://security.alpinelinux.org/vuln/CVE-2018-16851

https://security.alpinelinux.org/vuln/CVE-2018-16853

Plugin Details

Severity: Medium

ID: 424469

Version: Revision 1.8

Type: Local

Published: 4/4/2025

Updated: 7/2/2026

Supported Sensors: Agentless Assessment, Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Low

Score: 3

Percentile: 23.18

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.2

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2018-16853

CVSS v3

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 5.7

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS Score Source: CVE-2018-16851

Vulnerability Information

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 11/27/2018

Reference Information

CVE: CVE-2018-16841, CVE-2018-16851, CVE-2018-16853

BID: 106023, 106026, 106027

IAVA: 2018-A-0384-S