CVE-2017-14746.html:

====================================================================
== Subject:     Use-after-free vulnerability.
==
== CVE ID#:     CVE-2017-14746
==
== Versions:    All versions of Samba from 4.0.0 onwards.
==
== Summary:     A client may use an SMB1 request to manipulate
==              the contents of heap space.
==
====================================================================

===========
Description
===========

All versions of Samba from 4.0.0 onwards are vulnerable to a use after
free vulnerability, where a malicious SMB1 request can be used to
control the contents of heap memory via a deallocated heap pointer. It
is possible this may be used to compromise the SMB server.

==================
Patch Availability
==================

A patch addressing this defect has been posted to

  http://www.samba.org/samba/security/

Additionally, Samba 4.7.3, 4.6.11 and 4.5.15 have been issued as
security releases to correct the defect. Patches against older Samba
versions are available at http://samba.org/samba/patches/. Samba
vendors and administrators running affected versions are advised to
upgrade or apply the patch as soon as possible.

==========
Workaround
==========

Prevent SMB1 access to the server by setting the parameter:

server min protocol = SMB2

to the [global] section of your smb.conf and restart smbd. This
prevents and SMB1 access to the server. Note this could cause older
clients to be unable to connect to the server.

=======
Credits
=======

This problem was found by Yihan Lian and Zhibin Hu of Qihoo 360
GearTeam. Jeremy Allison of Google and the Samba Team provided the
fix.