Heap Buffer Overflow in 389 Directory Server by Red Hat
CVE-2026-11610
8.8HIGH
What is CVE-2026-11610?
A heap buffer overflow vulnerability exists in the SASL I/O layer of the 389 Directory Server. This flaw arises when an authenticated attacker sends a specially crafted oversized LDAP UNBIND packet, which can lead to a buffer overflow in the sasl_io_recv() function. The vulnerability allows for up to approximately 2 megabytes of attacker-controlled data to overwrite the buffer, potentially causing a denial of service and crashing the server. This can be exploited over the network by any domain user with a valid Kerberos ticket or an enrolled host/service account following authentication via GSSAPI. The issue remains unaddressed since its introduction in earlier versions of the product.