CVE-2025-14905

389-ds-base: remote code execution and denial of service via heap buffer overflow

CVSS 7.2 HIGH · EPSS 1.0% · CWE-122
A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the `schema_attr_enum_callback` function within the `schema.c` file. This occurs because the code incorrectly calculates the buffer size by summing alias string lengths without accounting for additional formatting characters. When a large number of aliases are processed, this oversight can lead to a heap overflow, potentially allowing a remote attacker to cause a Denial of Service (DoS) or achieve Remote Code Execution (RCE).
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
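The size-calculation pattern the description refers to, as an added example written for this page and not taken from 389-ds-base: the output layout, the function names and the sample aliases are assumptions. It contrasts an estimate that only sums alias lengths with one that counts every formatting byte, and a renderer that refuses a buffer smaller than that count instead of overrunning it.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical output layout (NOT the real schema.c format): "( 'a' 'b' )".
 * Each alias costs two quotes plus one trailing space beyond its own length. */
#define PREFIX "( "
#define SUFFIX ")"
#define PER_ALIAS_OVERHEAD 3

/* Constructed sample input, not taken from any real schema. */
static const char *SAMPLE[] = { "cn", "commonName" };
#define SAMPLE_N 2
static char demo_buf[64];

/* Flawed estimate, the pattern the advisory describes: only alias lengths are
 * summed, so the shortfall is PER_ALIAS_OVERHEAD bytes per alias and grows with n. */
size_t naive_size(const char **aliases, size_t n) {
    size_t total = 1;                         /* room for the NUL only */
    for (size_t i = 0; i < n; i++) total += strlen(aliases[i]);
    return total;
}

/* Correct estimate: every byte the renderer will emit, plus the NUL. */
size_t required_size(const char **aliases, size_t n) {
    size_t total = strlen(PREFIX) + strlen(SUFFIX) + 1;
    for (size_t i = 0; i < n; i++) total += strlen(aliases[i]) + PER_ALIAS_OVERHEAD;
    return total;
}

/* Renders into a caller-provided buffer; returns 0 rather than overrun it.
 * On success returns the number of bytes written, excluding the NUL. */
size_t render_aliases(const char **aliases, size_t n, char *buf, size_t bufsize) {
    if (bufsize < required_size(aliases, n)) return 0;
    size_t pos = 0;
    memcpy(buf + pos, PREFIX, strlen(PREFIX)); pos += strlen(PREFIX);
    for (size_t i = 0; i < n; i++) {
        size_t len = strlen(aliases[i]);
        buf[pos++] = '\'';
        memcpy(buf + pos, aliases[i], len); pos += len;
        buf[pos++] = '\'';
        buf[pos++] = ' ';
    }
    memcpy(buf + pos, SUFFIX, strlen(SUFFIX)); pos += strlen(SUFFIX);
    buf[pos] = '\0';
    return pos;
}

int main(void) {
    size_t w = render_aliases(SAMPLE, SAMPLE_N, demo_buf, sizeof demo_buf);
    printf("naive=%zu required=%zu out=%s\n", naive_size(SAMPLE, SAMPLE_N),
           required_size(SAMPLE, SAMPLE_N), w ? demo_buf : "(buffer too small)");
    return 0;
}
```

With the sample input the naive estimate is 13 bytes while the rendered string needs 22, and a buffer sized by the naive estimate is rejected by the renderer.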
Affected products
Red Hat · Red Hat Directory Server 11.5 E4S for RHEL 8
Red Hat · Red Hat Directory Server 11.7 E4S for RHEL 8
Red Hat · Red Hat Directory Server 11.9 for RHEL 8
Red Hat · Red Hat Directory Server 12
Red Hat · Red Hat Directory Server 12.2 E4S for RHEL 9
Red Hat · Red Hat Directory Server 12.4 EUS for RHEL 9
Red Hat · Red Hat Directory Server 13
Red Hat · Red Hat Directory Server 13.1
Red Hat · Red Hat Enterprise Linux 10
Red Hat · Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat · Red Hat Enterprise Linux 6
Red Hat · Red Hat Enterprise Linux 7 Extended Lifecycle Support
Red Hat · Red Hat Enterprise Linux 8
Red Hat · Red Hat Enterprise Linux 8.2 Advanced Update Support
Red Hat · Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
Red Hat · Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On
Red Hat · Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
Red Hat · Red Hat Enterprise Linux 8.6 Telecommunications Update Service
Red Hat · Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
Red Hat · Red Hat Enterprise Linux 8.8 Telecommunications Update Service
Red Hat · Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
Red Hat · Red Hat Enterprise Linux 9
Red Hat · Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions
Red Hat · Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions
Red Hat · Red Hat Enterprise Linux 9.4 Extended Update Support
Red Hat · Red Hat Enterprise Linux 9.6 Extended Update Support
