CVE-2021-3670
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2021-3670
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-3670.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2021-3670
- Downstream
- Related
- Published
- 2022-08-23T16:15:09.393Z
- Modified
- 2025-12-08T19:08:28.208531Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
MaxQueryDuration not honoured in Samba AD DC LDAP
- References
-
- https://bugzilla.redhat.com/show_bug.cgi?id=2077533
- https://bugzilla.samba.org/show_bug.cgi?id=14694
- https://gitlab.com/samba-team/samba/-/commit/1d5b155619bc532c46932965b215bd73a920e56f
- https://gitlab.com/samba-team/samba/-/commit/2b3af3b560c9617a233c131376c870fce146c002
- https://gitlab.com/samba-team/samba/-/commit/3507e96b3dcf0c0b8eff7b2c08ffccaf0812a393
- https://gitlab.com/samba-team/samba/-/commit/5f0590362c5c0c5ee20503a67467f9be2d50e73b
- https://gitlab.com/samba-team/samba/-/commit/86fe9d48883f87c928bf31ccbd275db420386803
- https://gitlab.com/samba-team/samba/-/commit/dcfcafdbf756e12d9077ad7920eea25478c29f81
- https://gitlab.com/samba-team/samba/-/commit/e1ab0c43629686d1d2c0b0b2bcdc90057a792049
- https://security.gentoo.org/glsa/202309-06
Affected packages
Git / github.com/samba-team/samba
Git / gitlab.com/samba-team/samba
Affected ranges
- Type
- GIT
- Repo
- https://gitlab.com/samba-team/samba
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedFixedFixedFixedFixedFixedFixed
Affected versions
ldb-1.*
ldb-1.1.0
ldb-1.1.10
ldb-1.1.11
ldb-1.1.12
ldb-1.1.13
ldb-1.1.14
ldb-1.1.15
ldb-1.1.16
ldb-1.1.17
ldb-1.1.18
ldb-1.1.19
ldb-1.1.2
ldb-1.1.20
ldb-1.1.21
ldb-1.1.22
ldb-1.1.23
ldb-1.1.24
ldb-1.1.25
ldb-1.1.26
ldb-1.1.27
ldb-1.1.28
ldb-1.1.29
ldb-1.1.3
ldb-1.1.30
ldb-1.1.31
ldb-1.1.4
ldb-1.1.5
ldb-1.1.6
ldb-1.1.8
ldb-1.1.9
ldb-1.2.0
ldb-1.2.1
ldb-1.2.2
ldb-1.3.0
ldb-1.3.1
ldb-1.3.2
ldb-1.4.0
ldb-1.4.1
ldb-1.5.0
ldb-1.5.1
ldb-1.5.2
ldb-1.6.1
ldb-1.6.2
ldb-1.6.3
ldb-2.*
ldb-2.0.5
ldb-2.1.0
ldb-2.1.1
ldb-2.2.0
ldb-2.4.0
samba-4.*
samba-4.0.0alpha10
samba-4.0.0alpha11
samba-4.0.0alpha13
samba-4.0.0alpha14
samba-4.0.0alpha15
samba-4.0.0alpha16
samba-4.0.0alpha17
samba-4.0.0alpha18
samba-4.0.0alpha19
samba-4.0.0alpha20
samba-4.0.0alpha21
samba-4.0.0alpha6
samba-4.0.0alpha7
samba-4.0.0alpha8
samba-4.0.0alpha9
samba-4.0.0beta1
samba-4.0.0beta2
samba-4.0.0beta3
samba-4.0.0beta4
samba-4.0.0beta5
samba-4.0.0beta6
samba-4.0.0beta7
samba-4.0.0beta8
samba-4.0.0rc1
samba-4.10.0rc1
samba-4.11.0rc1
samba-4.12.0rc1
samba-4.13.0rc1
samba-4.14.0rc1
samba-4.15.0rc1
samba-4.2.0rc1
samba-4.3.0rc1
samba-4.4.0rc1
samba-4.5.0rc1
samba-4.6.0rc1
samba-4.7.0rc1
samba-4.8.0rc1
samba-4.9.0rc1
talloc-1.*
talloc-1.3.1
talloc-2.*
talloc-2.0.0
talloc-2.0.1
talloc-2.0.7
talloc-2.0.8
talloc-2.1.0
talloc-2.1.1
talloc-2.1.10
talloc-2.1.11
talloc-2.1.12
talloc-2.1.13
talloc-2.1.14
talloc-2.1.15
talloc-2.1.16
talloc-2.1.2
talloc-2.1.3
talloc-2.1.4
talloc-2.1.5
talloc-2.1.6
talloc-2.1.7
talloc-2.1.8
talloc-2.1.9
talloc-2.2.0
talloc-2.3.0
talloc-2.3.1
talloc-2.3.2
talloc-2.3.3
tdb-1.*
tdb-1.1.5
tdb-1.2.0
tdb-1.2.1
tdb-1.2.10
tdb-1.2.11
tdb-1.2.12
tdb-1.2.13
tdb-1.3.0
tdb-1.3.1
tdb-1.3.10
tdb-1.3.11
tdb-1.3.12
tdb-1.3.13
tdb-1.3.14
tdb-1.3.15
tdb-1.3.16
tdb-1.3.17
tdb-1.3.18
tdb-1.3.2
tdb-1.3.3
tdb-1.3.4
tdb-1.3.5
tdb-1.3.6
tdb-1.3.7
tdb-1.3.8
tdb-1.3.9
tdb-1.4.0
tdb-1.4.1
tdb-1.4.2
tdb-1.4.3
tdb-1.4.4
tdb-1.4.5
tevent-0.*
tevent-0.10.0
tevent-0.10.1
tevent-0.10.2
tevent-0.11.0
tevent-0.9.11
tevent-0.9.12
tevent-0.9.13
tevent-0.9.14
tevent-0.9.15
tevent-0.9.16
tevent-0.9.17
tevent-0.9.18
tevent-0.9.19
tevent-0.9.20
tevent-0.9.21
tevent-0.9.22
tevent-0.9.23
tevent-0.9.24
tevent-0.9.25
tevent-0.9.26
tevent-0.9.27
tevent-0.9.28
tevent-0.9.29
tevent-0.9.30
tevent-0.9.31
tevent-0.9.32
tevent-0.9.33
tevent-0.9.34
tevent-0.9.35
tevent-0.9.36
tevent-0.9.37
tevent-0.9.38
tevent-0.9.39
tevent-0.9.8
Database specific
vanir_signatures
[
{
"digest": {
"function_hash": "140660789039839351933530232508196067908",
"length": 935.0
},
"target": {
"function": "anr_search",
"file": "source4/dsdb/samdb/ldb_modules/anr.c"
},
"deprecated": false,
"source": "https://gitlab.com/samba-team/samba@5f0590362c5c0c5ee20503a67467f9be2d50e73b",
"signature_type": "Function",
"signature_version": "v1",
"id": "CVE-2021-3670-004ee273"
},
{
"digest": {
"function_hash": "255573346019232468578895413180855613080",
"length": 2216.0
},
"target": {
"function": "anr_replace_value",
"file": "source4/dsdb/samdb/ldb_modules/anr.c"
},
"deprecated": false,
"source": "https://gitlab.com/samba-team/samba@5f0590362c5c0c5ee20503a67467f9be2d50e73b",
"signature_type": "Function",
"signature_version": "v1",
"id": "CVE-2021-3670-1ef5abed"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"257134383621022180430341517228613950352",
"13476101461585947304094556437473517451",
"312115836377266472331192355368425254815",
"260739068273728120731299785846177563543"
]
},
"target": {
"file": "source4/ldap_server/ldap_backend.c"
},
"deprecated": false,
"source": "https://gitlab.com/samba-team/samba@86fe9d48883f87c928bf31ccbd275db420386803",
"signature_type": "Line",
"signature_version": "v1",
"id": "CVE-2021-3670-2f8f1b01"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"324477994679950957093285663870802509335",
"242267878449314875707237900273356096250",
"19651545433478516557128511553831751186",
"65821411574943233752092281383074872630",
"76254669471676968810860169280674545496",
"302661813607275910960241899858841372754",
"200080601591592802173837568135868637899",
"279329746248371453131091738248744253209",
"87886221824957599593084516043584579448",
"143117416240118726873643849046101757072",
"32701588612259651543972535819867335800",
"185589566910956787059550230233129583079",
"153591063604456870132051993121410524252",
"90949915423991205979513410439232704214",
"332025814898088604940636666944521920896",
"205751465568570807924783170887702722142",
"34940777225048522061248372682250961343",
"207540546163165694874432507191338010965",
"310325566523452142079002333661793146021",
"217518706006208338750963518948218872418",
"171959355562658611312464847784055768315",
"260056859722301846205037420720106829515",
"317378505311345154423953390592249495668",
"309742553583687732162641109620997909167",
"91075003706424088633163938955464850994",
"302253275304262939285676993052350762791"
]
},
"target": {
"file": "source4/dsdb/samdb/ldb_modules/anr.c"
},
"deprecated": false,
"source": "https://gitlab.com/samba-team/samba@5f0590362c5c0c5ee20503a67467f9be2d50e73b",
"signature_type": "Line",
"signature_version": "v1",
"id": "CVE-2021-3670-5c82a259"
},
{
"digest": {
"function_hash": "287276421860959349071956566256636628235",
"length": 2852.0
},
"target": {
"function": "ldb_kv_index_filter",
"file": "lib/ldb/ldb_key_value/ldb_kv_index.c"
},
"deprecated": false,
"source": "https://gitlab.com/samba-team/samba@1d5b155619bc532c46932965b215bd73a920e56f",
"signature_type": "Function",
"signature_version": "v1",
"id": "CVE-2021-3670-62a8fa67"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"218201847973535123329140390700765324751",
"281379334324529194928912683907972957863",
"174038611912692203196093682464624957641",
"60998398758963538646530442529824592592",
"289905422911420284674574959563452872665",
"130008625861187377466101077582418937003",
"96873372489111151905689643007277034986",
"229178738965478370924747026171042925224",
"237578600856601424233301027893482160355",
"205224528761393629278556547248869057867",
"325266253554212192929907609581049922358",
"25258794814446549928341982793730193517",
"140413815498218854978550392315176288580",
"81293539408077020001411347930928800831",
"312325968061043476524968627353274755635",
"102430271227577454924747232817431020121",
"273872236034109415382895794928780633571",
"176394382257109716292160147901631347823",
"273850490611746722339073394225520658707",
"196150090400653932612991175012158906592",
"221873561809706188486128670448941246548",
"152299578466332906301402008075328210292",
"60892262913314871771861611725311137405",
"100590686074072529830138597219519603649",
"197911408618666002582359978551398579965",
"49452945404467118829034363077388248868",
"231357288427760380024530606264851233712",
"39789280061827802750913741945794483554",
"66761077502144228165272793566069537195",
"269661626490697789572125348069785332424",
"288403087518499101037668638409477412703",
"2547436616698624026103990145084573592"
]
},
"target": {
"file": "source4/ldap_server/ldap_backend.c"
},
"deprecated": false,
"source": "https://gitlab.com/samba-team/samba@3507e96b3dcf0c0b8eff7b2c08ffccaf0812a393",
"signature_type": "Line",
"signature_version": "v1",
"id": "CVE-2021-3670-92254231"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"40839706673654048185466208915382149063",
"60890190840696162188971859196099900997",
"288072475795060836316624145659723637940",
"8944997256934763403811087795108325986"
]
},
"target": {
"file": "source4/ldap_server/ldap_server.c"
},
"deprecated": false,
"source": "https://gitlab.com/samba-team/samba@e1ab0c43629686d1d2c0b0b2bcdc90057a792049",
"signature_type": "Line",
"signature_version": "v1",
"id": "CVE-2021-3670-9362bf86"
},
{
"digest": {
"function_hash": "75883391030975542610980306216619218978",
"length": 5202.0
},
"target": {
"function": "ldapsrv_SearchRequest",
"file": "source4/ldap_server/ldap_backend.c"
},
"deprecated": false,
"source": "https://gitlab.com/samba-team/samba@2b3af3b560c9617a233c131376c870fce146c002",
"signature_type": "Function",
"signature_version": "v1",
"id": "CVE-2021-3670-98999087"
},
{
"digest": {
"function_hash": "312889073029742577458622498784077156536",
"length": 5036.0
},
"target": {
"function": "ldapsrv_SearchRequest",
"file": "source4/ldap_server/ldap_backend.c"
},
"deprecated": false,
"source": "https://gitlab.com/samba-team/samba@3507e96b3dcf0c0b8eff7b2c08ffccaf0812a393",
"signature_type": "Function",
"signature_version": "v1",
"id": "CVE-2021-3670-9b007292"
},
{
"digest": {
"function_hash": "144893149862373196283408976404927854247",
"length": 1600.0
},
"target": {
"function": "ldb_kv_handle_request",
"file": "lib/ldb/ldb_key_value/ldb_kv.c"
},
"deprecated": false,
"source": "https://gitlab.com/samba-team/samba@1d5b155619bc532c46932965b215bd73a920e56f",
"signature_type": "Function",
"signature_version": "v1",
"id": "CVE-2021-3670-c118f41d"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"17857222310924995007308719621498355818",
"46590608395811176103060573385616707823",
"263306912463245318381269086227111843722"
]
},
"target": {
"file": "lib/ldb/ldb_key_value/ldb_kv.c"
},
"deprecated": false,
"source": "https://gitlab.com/samba-team/samba@1d5b155619bc532c46932965b215bd73a920e56f",
"signature_type": "Line",
"signature_version": "v1",
"id": "CVE-2021-3670-dd5ca07d"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"148381618686401899059581758031761777034",
"197434684616686294709033288024340743159",
"197671131302392094856960182701122643569"
]
},
"target": {
"file": "lib/ldb/ldb_key_value/ldb_kv.h"
},
"deprecated": false,
"source": "https://gitlab.com/samba-team/samba@1d5b155619bc532c46932965b215bd73a920e56f",
"signature_type": "Line",
"signature_version": "v1",
"id": "CVE-2021-3670-dddd5d7c"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"235999378289500362597579037067512031739",
"315251787968051704566018217247560059188",
"127654405680441790211923946727701043833",
"102801648280075382797125825000104788923",
"159904073462860710039947041787185882941",
"90928131352697353845497445811552322227"
]
},
"target": {
"file": "source4/ldap_server/ldap_backend.c"
},
"deprecated": false,
"source": "https://gitlab.com/samba-team/samba@2b3af3b560c9617a233c131376c870fce146c002",
"signature_type": "Line",
"signature_version": "v1",
"id": "CVE-2021-3670-e1c644fb"
},
{
"digest": {
"function_hash": "159144265889207250205492569203344588741",
"length": 5056.0
},
"target": {
"function": "ldapsrv_SearchRequest",
"file": "source4/ldap_server/ldap_backend.c"
},
"deprecated": false,
"source": "https://gitlab.com/samba-team/samba@86fe9d48883f87c928bf31ccbd275db420386803",
"signature_type": "Function",
"signature_version": "v1",
"id": "CVE-2021-3670-e71645fa"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"50741826844135751197142997959541974871",
"309816296243692156798292312336275063467",
"195443582228015611251250553482872926391",
"139393169712159050866246536090152323732"
]
},
"target": {
"file": "lib/ldb/ldb_key_value/ldb_kv_index.c"
},
"deprecated": false,
"source": "https://gitlab.com/samba-team/samba@1d5b155619bc532c46932965b215bd73a920e56f",
"signature_type": "Line",
"signature_version": "v1",
"id": "CVE-2021-3670-f2569e43"
},
{
"digest": {
"function_hash": "44707187084874118835357391961185125928",
"length": 2352.0
},
"target": {
"function": "ldapsrv_load_limits",
"file": "source4/ldap_server/ldap_server.c"
},
"deprecated": false,
"source": "https://gitlab.com/samba-team/samba@e1ab0c43629686d1d2c0b0b2bcdc90057a792049",
"signature_type": "Function",
"signature_version": "v1",
"id": "CVE-2021-3670-f7dd0070"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"11705995154376806848434841801717341697",
"221409456339033386220210798989837168577",
"157079551000249142525381758350114164854",
"93105929662749977529050128861074723736",
"140088116546578434859642656168664215788",
"218030418042385924116130091688758088640",
"335894730469423328007936089752353319672"
]
},
"target": {
"file": "lib/ldb/ldb_key_value/ldb_kv_search.c"
},
"deprecated": false,
"source": "https://gitlab.com/samba-team/samba@1d5b155619bc532c46932965b215bd73a920e56f",
"signature_type": "Line",
"signature_version": "v1",
"id": "CVE-2021-3670-f83b69ed"
}
]