Preface: Samba is an implementation of the Server Message Block (SMB)/Common Internet File System (CIFS) protocol for Unix systems, providing support for cross-platform file and printer sharing with Microsoft Windows, OS X, and other Unix.
Vulnerabilities highlights:
Double free error is caused by freeing same memory location twice by calling free() on the same allocated memory. A NULL pointer dereference is a sub type of an error causing a segmentation fault. It occurs when a program attempts to read or write to memory with a NULL pointer. This design limitation was happen in a lot of software application. Found above vulnerabilities occurs in Samba server. For more details, please refer below:
Unprivileged adding of CNAME record causing loop in AD Internal DNS server : https://www.samba.org/samba/security/CVE-2018-14629.html
Double-free in Samba AD DC KDC with PKINIT
https://www.samba.org/samba/security/CVE-2018-16841.html
NULL pointer de-reference in Samba AD DC LDAP server
https://www.samba.org/samba/security/CVE-2018-16851.html
NULL pointer de-reference in Samba AD DC DNS servers
https://www.samba.org/samba/security/CVE-2018-16852.html
Samba AD DC S4U2Self Crash in experimental MIT Kerberos configuration (unsupported)
https://www.samba.org/samba/security/CVE-2018-16853.html
Bad password count in AD DC not always effective
https://www.samba.org/samba/security/CVE-2018-16857.html