CVE-2015-7540

7.5 HIGH
Published: December 29, 2015 Modified: May 06, 2026
View on NVD

Description

The LDAP server in the AD domain controller in Samba 4.x before 4.1.22 does not check return values to ensure successful ASN.1 memory allocation, which allows remote attackers to cause a denial of service (memory consumption and daemon crash) via crafted packets.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174076.html
Source: secalert@redhat.com
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174391.html
Source: secalert@redhat.com
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00033.html
Source: secalert@redhat.com
Mailing List Third Party Advisory
http://www.debian.org/security/2016/dsa-3433
Source: secalert@redhat.com
Third Party Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
Source: secalert@redhat.com
Third Party Advisory
http://www.securityfocus.com/bid/79736
Source: secalert@redhat.com
Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1034492
Source: secalert@redhat.com
Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-2855-1
Source: secalert@redhat.com
Third Party Advisory
http://www.ubuntu.com/usn/USN-2855-2
Source: secalert@redhat.com
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1288451
Source: secalert@redhat.com
Issue Tracking Third Party Advisory
https://git.samba.org/?p=samba.git%3Ba=commit%3Bh=530d50a1abdcdf4d1775652d4c456c1274d83d8d
Source: secalert@redhat.com
https://git.samba.org/?p=samba.git%3Ba=commit%3Bh=9d989c9dd7a5b92d0c5d65287935471b83b6e884
Source: secalert@redhat.com
https://security.gentoo.org/glsa/201612-47
Source: secalert@redhat.com
Third Party Advisory
https://www.samba.org/samba/security/CVE-2015-7540.html
Source: secalert@redhat.com
Vendor Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174076.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174391.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00033.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://www.debian.org/security/2016/dsa-3433
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.securityfocus.com/bid/79736
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1034492
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-2855-1
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.ubuntu.com/usn/USN-2855-2
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1288451
Source: af854a3a-2127-422b-91ae-364da2661108
Issue Tracking Third Party Advisory
https://git.samba.org/?p=samba.git%3Ba=commit%3Bh=530d50a1abdcdf4d1775652d4c456c1274d83d8d
Source: af854a3a-2127-422b-91ae-364da2661108
https://git.samba.org/?p=samba.git%3Ba=commit%3Bh=9d989c9dd7a5b92d0c5d65287935471b83b6e884
Source: af854a3a-2127-422b-91ae-364da2661108
https://security.gentoo.org/glsa/201612-47
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://www.samba.org/samba/security/CVE-2015-7540.html
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

28 reference(s) from NVD

Quick Stats

CVSS v3 Score
7.5 / 10.0
EPSS (Exploit Probability)
43.3%
98th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-399

Affected Vendors

canonical samba debian

Related CVEs

CVE-2026-42174 N/A
CVE-2026-42137 N/A
CVE-2026-42069 N/A
CVE-2026-42051 N/A
CVE-2026-41311 7.5