Nixpkgs Security Tracker

Permalink CVE-2025-14905

7.2 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): HIGH
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

updated 1 month ago by @mweinelt Activity log

Created automatic suggestion 1 month ago
@mweinelt accepted 1 month ago
@mweinelt published on GitHub 1 month ago

389-ds-base: 389-ds-base: remote code execution and denial of service via heap buffer overflow

A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the `schema_attr_enum_callback` function within the `schema.c` file. This occurs because the code incorrectly calculates the buffer size by summing alias string lengths without accounting for additional formatting characters. When a large number of aliases are processed, this oversight can lead to a heap overflow, potentially allowing a remote attacker to cause a Denial of Service (DoS) or achieve Remote Code Execution (RCE).

References

https://access.redhat.com/security/cve/CVE-2025-14905 x_refsource_REDHAT vdb-entry
RHBZ#2423624 issue-tracking x_refsource_REDHAT

Affected products

389-ds-base

389-ds:1.4/389-ds-base

redhat-ds:11/389-ds-base

redhat-ds:12/389-ds-base

Matching in nixpkgs

pkgs._389-ds-base

Enterprise-class Open Source LDAP server for Linux

nixos-unstable 3.1.3
- nixpkgs-unstable 3.1.3
- nixos-unstable-small 3.1.3
nixos-25.11 3.1.3
- nixos-25.11-small 3.1.3
- nixpkgs-25.11-darwin 3.1.3

Package maintainers

@ners ners <ners@gmx.ch>

https://bugzilla.redhat.com/show_bug.cgi?id=2423624

Suggestions search

References

Affected products

Matching in nixpkgs

pkgs._389-ds-base

Package maintainers