Buffer Over-read Vulnerability in 389 Directory Server by Red Hat
CVE-2026-11789

4.9MEDIUM

Key Information:

Vendor

Red Hat
Status
Red Hat Directory Server 11
Red Hat Directory Server 12
Red Hat Directory Server 13
Red Hat Enterprise Linux 10
Vendor
CVE Published:
9 June 2026

What is CVE-2026-11789?

A flaw exists in the 389 Directory Server's SMD5 password storage plugin, where an unsigned integer underflow occurs during salt length computation from a crafted password hash that is less than 16 bytes. This vulnerability can lead to a buffer over-read, which disrupts the normal authentication process and potentially crashes the LDAP server. Ensuring proper input validation and updating to the latest patches are crucial for safeguarding against this type of security risk.

References

https://access.redhat.com/security/cve/CVE-2026-11789
vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2485422
issue-trackingx_refsource_REDHAT
https://redhat.atlassian.net/browse/PSIRTSUPT-7600

CVSS V3.1

Score:
4.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.