Two vulnerabilities were discovered within in the Samba Smbd daemon which allow an attacker to trigger a null pointer dereference or an uninitialized variable read by sending a specific 'Sessions Setup AndX' query. Successful exploitation of these issues will result in a denial of service. Versions 3.4.7 and below and 3.5.1 and below are affected.
966a849f6f0bbe77647f785e18d732c6cf90fc1d9ef2d25203e0af89f41f2e05