Untriaged
Permalink
CVE-2025-2487
4.9 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): HIGH
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): NONE
- Integrity impact (I): NONE
- Availability impact (A): HIGH
389-ds-base: null pointer dereference leads to denial of service
A flaw was found in the 389-ds-base LDAP Server. This issue occurs when issuing a Modify DN LDAP operation through the ldap protocol, when the function return value is not tested and a NULL pointer is dereferenced. If a privileged user performs a ldap MODDN operation after a failed operation, it could lead to a Denial of Service (DoS) or system crash.
References
- https://access.redhat.com/security/cve/CVE-2025-2487 x_refsource_REDHAT vdb-entry
- RHBZ#2353071 issue-tracking x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2025-2487 x_refsource_REDHAT vdb-entry
- RHBZ#2353071 issue-tracking x_refsource_REDHAT
- RHSA-2025:3663 x_refsource_REDHAT vendor-advisory
- RHSA-2025:3670 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-2487 x_refsource_REDHAT vdb-entry
- RHBZ#2353071 issue-tracking x_refsource_REDHAT
- RHSA-2025:3663 x_refsource_REDHAT vendor-advisory
- RHSA-2025:3670 x_refsource_REDHAT vendor-advisory
- RHSA-2025:4491 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-2487 x_refsource_REDHAT vdb-entry
- RHBZ#2353071 issue-tracking x_refsource_REDHAT
- RHSA-2025:4491 x_refsource_REDHAT vendor-advisory
- RHSA-2025:7395 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-2487 x_refsource_REDHAT vdb-entry
- RHBZ#2353071 issue-tracking x_refsource_REDHAT
- RHSA-2025:3663 x_refsource_REDHAT vendor-advisory
- RHSA-2025:3670 x_refsource_REDHAT vendor-advisory
- RHSA-2025:3663 x_refsource_REDHAT vendor-advisory
- RHSA-2025:3670 x_refsource_REDHAT vendor-advisory
- RHSA-2025:4491 x_refsource_REDHAT vendor-advisory
- RHSA-2025:7395 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-2487 x_refsource_REDHAT vdb-entry
- RHBZ#2353071 issue-tracking x_refsource_REDHAT
- RHSA-2025:3663 x_refsource_REDHAT vendor-advisory
- RHSA-2025:3670 x_refsource_REDHAT vendor-advisory
- RHSA-2025:4491 x_refsource_REDHAT vendor-advisory
- RHSA-2025:7395 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-2487 x_refsource_REDHAT vdb-entry
- RHBZ#2353071 issue-tracking x_refsource_REDHAT
- RHSA-2025:4491 x_refsource_REDHAT vendor-advisory
- RHSA-2025:7395 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-2487 x_refsource_REDHAT vdb-entry
- RHBZ#2353071 issue-tracking x_refsource_REDHAT
- RHSA-2025:3663 x_refsource_REDHAT vendor-advisory
- RHSA-2025:3670 x_refsource_REDHAT vendor-advisory
- RHSA-2025:3670 x_refsource_REDHAT vendor-advisory
- RHSA-2025:4491 x_refsource_REDHAT vendor-advisory
- RHSA-2025:7395 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-2487 x_refsource_REDHAT vdb-entry
- RHBZ#2353071 issue-tracking x_refsource_REDHAT
- RHSA-2025:3663 x_refsource_REDHAT vendor-advisory
- RHSA-2025:3663 x_refsource_REDHAT vendor-advisory
- RHSA-2025:3670 x_refsource_REDHAT vendor-advisory
- RHSA-2025:4491 x_refsource_REDHAT vendor-advisory
- RHSA-2025:7395 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-2487 x_refsource_REDHAT vdb-entry
- RHBZ#2353071 issue-tracking x_refsource_REDHAT
- RHSA-2025:3663 x_refsource_REDHAT vendor-advisory
- RHSA-2025:3670 x_refsource_REDHAT vendor-advisory
- RHSA-2025:4491 x_refsource_REDHAT vendor-advisory
- RHSA-2025:7395 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-2487 x_refsource_REDHAT vdb-entry
- RHBZ#2353071 issue-tracking x_refsource_REDHAT
- RHSA-2025:3663 x_refsource_REDHAT vendor-advisory
- RHSA-2025:3670 x_refsource_REDHAT vendor-advisory
- RHSA-2025:4491 x_refsource_REDHAT vendor-advisory
- RHSA-2025:7395 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-2487 x_refsource_REDHAT vdb-entry
- RHBZ#2353071 issue-tracking x_refsource_REDHAT
Affected products
389-ds-base
- =<2.4.6
- =<3.0.6
- =<2.5.3
- *
- =<2.6.1
redhat-ds:12
- *
389-ds:1.4/389-ds-base
redhat-ds:11/389-ds-base
redhat-ds:12/389-ds-base
Matching in nixpkgs
pkgs._389-ds-base
Enterprise-class Open Source LDAP server for Linux
-
nixos-unstable -
- nixpkgs-unstable 3.1.3
Package maintainers
-
@ners ners <ners@gmx.ch>