Heap Buffer Overflow in 389 Directory Server from Red Hat
CVE-2026-14940

5.3MEDIUM

What is CVE-2026-14940?

A vulnerability exists in the 389 Directory Server where a heap buffer overflow can occur during the normalization of Distinguished Names (DNs). When an unauthenticated remote attacker sends a crafted LDAP operation with a legacy-quoted value, the server may write beyond the allocated heap memory while sorting the RDN attribute-value pairs. This can lead to memory corruption and potentially result in a denial of service. Users of the affected server should take immediate actions to mitigate this risk.

References

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Red Hat would like to thank Denis Rastyogin (ALT Linux) for reporting this issue.
.