RHSA-2026:5598 Red Hat Security Advisory: 389-ds-base security update
Details
CVSS v3
7.2
NVD published
2026-02-23 16:29:35
EPSS
0.5% probability · 67.5th percentile — 2026-03-24
Affected versions
Not available in our cache.
Summary
A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the `schema_attr_enum_callback` function within the `schema.c` file. This occurs because the code incorrectly calculates the buffer size by summing alias string lengths without accounting for additional formatting characters. When a large number of aliases are processed, this oversight can lead to a heap overflow, potentially allowing a remote attacker to cause a Denial of Service (DoS) or achieve Remote Code Execution (RCE).
TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.