Heap Buffer Overflow Vulnerability in 389-ds-base Server by Red Hat
CVE-2025-14905

7.2 HIGH

What is CVE-2025-14905?

A heap buffer overflow exists in 389-ds-base, the directory server that Red Hat Directory Server is built on. The schema_attr_enum_callback function miscalculates the size of a buffer it allocates, so when an attribute definition carries a large number of aliases the server writes past the end of that heap buffer. An attacker who can reach the server over the network and already holds high privileges on the directory (the CVSS vector rates this PR:H, so it is not an unauthenticated attack) could use this to crash the server, causing a denial of service, or potentially to execute arbitrary code in the server process. Apply the vendor update to restore the integrity and availability of the directory service.
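To make the bug class concrete, here is an added illustration in C. It is not code from 389-ds-base or Red Hat, and it does not reproduce the real schema_attr_enum_callback logic; the attribute name, the alias list and the simplified NAME-clause output format are constructed for the example. It places the vulnerable pattern (a buffer size computed from the primary name plus a fixed allowance, which never grows with the alias count) beside a hardened version that sizes the buffer from every alias, rejects arithmetic wrap-around, and bounds-checks each write so that an undersized buffer produces an error instead of a heap overflow.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Illustration of the bug class only: NOT the 389-ds-base code. The output
 * mimics a simplified LDAP schema NAME clause, e.g. NAME ( 'cn' 'commonName' ). */

/* Constructed sample input: one attribute with many aliases. */
static const char *SAMPLE_NAME = "cn";
static const char *SAMPLE_ALIASES[] = {
    "commonName", "alias01", "alias02", "alias03", "alias04", "alias05", "alias06",
    "alias07", "alias08", "alias09", "alias10", "alias11", "alias12", "alias13",
    "alias14", "alias15", "alias16", "alias17", "alias18", "alias19", "alias20",
};
#define SAMPLE_NALIAS (sizeof SAMPLE_ALIASES / sizeof SAMPLE_ALIASES[0])

/* Vulnerable pattern: size derived from the primary name plus a fixed allowance,
 * so it does not grow with the alias count. Filling a heap buffer of this size
 * with the full clause overflows once enough aliases are present. */
size_t naive_name_buf_size(const char *name, const char **aliases, size_t nalias)
{
    (void)aliases; (void)nalias;
    return strlen("NAME ( '' )") + strlen(name) + 64;
}

/* Hardened sizing: count every alias; return 0 if the sum would wrap size_t.
 * Layout: "NAME (" + N x (" '" s "'") + " )" + NUL. */
size_t required_name_buf_size(const char *name, const char **aliases, size_t nalias)
{
    size_t total = 6 + 2 + 1;
    for (size_t i = 0; i <= nalias; i++) {
        size_t len = strlen(i == 0 ? name : aliases[i - 1]);
        if (len > SIZE_MAX - total - 3)
            return 0;                       /* arithmetic overflow: refuse */
        total += len + 3;
    }
    return total;
}

/* Bounded append: never writes past outsz bytes and always keeps a NUL. */
static int append_bounded(char *out, size_t outsz, size_t *pos, const char *src)
{
    size_t n = strlen(src);
    if (n >= outsz - *pos)                  /* no room for src plus NUL */
        return -1;
    memcpy(out + *pos, src, n);
    *pos += n;
    out[*pos] = '\0';
    return 0;
}

/* Hardened renderer: returns bytes written, or -1 if the clause does not fit,
 * rather than writing past the end of out. */
int render_name_clause(char *out, size_t outsz, const char *name,
                       const char **aliases, size_t nalias)
{
    size_t pos = 0;
    if (outsz == 0)
        return -1;
    out[0] = '\0';
    if (append_bounded(out, outsz, &pos, "NAME (") < 0)
        return -1;
    for (size_t i = 0; i <= nalias; i++) {
        if (append_bounded(out, outsz, &pos, " '") < 0 ||
            append_bounded(out, outsz, &pos, i == 0 ? name : aliases[i - 1]) < 0 ||
            append_bounded(out, outsz, &pos, "'") < 0)
            return -1;
    }
    return append_bounded(out, outsz, &pos, " )") < 0 ? -1 : (int)pos;
}

/* Render the sample into a heap buffer of bufsz bytes; -1 means the renderer
 * refused rather than overflowing the allocation. */
int render_sample_into(size_t bufsz)
{
    char *buf = malloc(bufsz ? bufsz : 1);
    if (buf == NULL)
        return -1;
    int n = render_name_clause(buf, bufsz, SAMPLE_NAME, SAMPLE_ALIASES, SAMPLE_NALIAS);
    free(buf);
    return n;
}

/* The sample rendered with the correctly computed size (NULL on failure). */
const char *sample_rendered(void)
{
    static char buf[512];
    size_t need = required_name_buf_size(SAMPLE_NAME, SAMPLE_ALIASES, SAMPLE_NALIAS);
    if (need == 0 || need > sizeof buf ||
        render_name_clause(buf, need, SAMPLE_NAME, SAMPLE_ALIASES, SAMPLE_NALIAS) < 0)
        return NULL;
    return buf;
}

int main(void)
{
    size_t naive = naive_name_buf_size(SAMPLE_NAME, SAMPLE_ALIASES, SAMPLE_NALIAS);
    size_t need = required_name_buf_size(SAMPLE_NAME, SAMPLE_ALIASES, SAMPLE_NALIAS);
    printf("naive size %zu, required %zu\n", naive, need);
    printf("into naive-sized buffer: %d (refused)\n", render_sample_into(naive));
    printf("into required-sized buffer: %d\n%s\n", render_sample_into(need), sample_rendered());
    return 0;
}
```

With 21 aliases the naive computation yields 77 bytes while the clause actually needs 227, so a blind strcpy/strcat into the naive allocation would corrupt the heap by 150 bytes; the hardened renderer instead returns -1 for any buffer smaller than the required size and succeeds only when the size was computed from every alias. The same shape of fix applies generally: compute the size from the full input, check the arithmetic, and make every write bounded.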

Affected Version(s)

Red Hat Directory Server 11.5 E4S for RHEL 8 8060020260303152239.0ca98e7e

Red Hat Directory Server 11.7 E4S for RHEL 8 8080020260227193008.f969626e

Red Hat Directory Server 11.9 for RHEL 8 8100020260312105752.37ed7c03

References

CVSS V3.1

Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Score:
7.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability reserved

Credit

This issue was discovered by Red Hat Security Research Team (Red Hat Inc.).