CVE-2021-3671
6.5 MEDIUMA null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request)
Published: 2021-10-12 · Last updated: 2026-06-17
Severity and scoring
- CVSS
- 6.5 MEDIUM
- Vector
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
- CWE
- CWE-476
Affected products
| Vendor | Product |
|---|---|
| debian | debian_linux, management_services_for_element_software, management_services_for_netapp_hci |
| netapp | debian_linux, management_services_for_element_software, management_services_for_netapp_hci |
| samba | debian_linux, management_services_for_element_software, management_services_for_netapp_hci |
Description
A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). An authenticated user could use this flaw to crash the samba server.
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2021-3671
- [Other]https://bugzilla.redhat.com/show_bug.cgi?id=2013080%2C
- [Other]https://bugzilla.samba.org/show_bug.cgi?id=14770%2C
- [Patch]https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
- [Other]https://lists.debian.org/debian-lts-announce/2022/11/msg00034.html
- [Other]https://security.netapp.com/advisory/ntap-20221215-0002/
- [Other]https://security.netapp.com/advisory/ntap-20230216-0008/
- [Other]https://www.debian.org/security/2022/dsa-5287
- [Other]https://bugzilla.redhat.com/show_bug.cgi?id=2013080%2C
- [Other]https://bugzilla.samba.org/show_bug.cgi?id=14770%2C
- [Patch]https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
- [Other]https://lists.debian.org/debian-lts-announce/2022/11/msg00034.html
- [Other]https://security.netapp.com/advisory/ntap-20221215-0002/
- [Other]https://security.netapp.com/advisory/ntap-20230216-0008/
- [Other]https://www.debian.org/security/2022/dsa-5287
Related CVEs
Same vendor
- CVE-2026-49975 — Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's mod_http leads to denial of service via malicious HTTP ... (7.5 HIGH)
- CVE-2026-4408 — A flaw was found in Samba (9.0 CRITICAL)
- CVE-2026-2340 — A flaw was found in Samba’s vfs_worm module (6.5 MEDIUM)
- CVE-2026-1933 — A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes (7.1 HIGH)
- CVE-2026-3012 — A flaw was found in Samba’s certificate auto-enrollment Group Policy handling (8.0 HIGH)
Same CWE
- CVE-2026-12329 — Memory safety bug fixed in Thunderbird ESR 140.12 (5.3 MEDIUM)
- CVE-2025-70102 — A NULL pointer dereference occurs in Roy Marples NetworkConfiguration/dhcpcd 10.3.0 while parsing configuration options (6.3 MEDIUM)
- CVE-2025-55663 — A segmentation violation in the Track_SetStreamDescriptor function (isomedia/track.c) of GPAC MP4Box v2.4 allows attackers to cause a Den... (5.5 MEDIUM)
- CVE-2025-55649 — A NULL pointer dereference in the gf_media_map_esd function (media_tools/isom_tools.c) of GPAC MP4Box v2.4 allows attackers to cause a De... (5.5 MEDIUM)
- CVE-2025-55643 — A NULL pointer dereference in the TrackWriter handling component (filters/mux_isom.c) of GPAC MP4Box v2.4 allows attackers to cause a Den... (5.5 MEDIUM)