Denial of Service Vulnerability in 389-ds-base LDAP Server by Red Hat
CVE-2025-2487

4.9MEDIUM

Key Information:

Vendor
Red Hat
Status
Red Hat Directory Server 12.4 Eus For Rhel 9
Red Hat Enterprise Linux 9.4 Extended Update Support
Red Hat Directory Server 12
Red Hat Enterprise Linux 6
Vendor
CVE Published:
18 March 2025

Summary

A flaw in the 389-ds-base LDAP Server allows a privileged user to trigger a Denial of Service condition. This vulnerability occurs during the Modify DN LDAP operation when the function's return value is not properly validated, leading to a potential NULL pointer dereference. Consequently, if a user executes a MODDN operation after an initial failure, the server may encounter a crash, impacting the availability of the service.

Affected Version(s)

Red Hat Directory Server 12.4 EUS for RHEL 9 9040020250325181857.1674d574

Red Hat Enterprise Linux 9.4 Extended Update Support 0:2.4.5-14.el9_4

References

https://access.redhat.com/errata/RHSA-2025:3663
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:3670
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-2487
vdb-entryx_refsource_REDHAT

CVSS V3.1

Score:
4.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.