389-ds-base Server: Remote Attackers Can Crash Service or Steal Data
CVE-2025-14905
Summary
A bug in the 389-ds-base server can allow remote attackers to crash the service or steal sensitive information. The cause is a heap buffer that is sized too small when the server formats a large number of attribute aliases, so the data written overruns it. To protect your system, update to the latest version of the 389-ds-base server as soon as possible.
Original description
A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the `schema_attr_enum_callback` function within the `schema.c` file. This occurs because the code incorrectly calculates the buffer size by summing alias string lengths without accounting for additional formatting characters. When a large number of aliases are processed, this oversight can lead to a heap overflow, potentially allowing a remote attacker to cause a Denial of Service (DoS) or achieve Remote Code Execution (RCE).
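The sizing mistake the description names (summing only the alias string lengths and omitting the characters the formatter itself emits) is shown below in a constructed C example that is not 389-ds-base code and not the `schema_attr_enum_callback` function from `schema.c`; the `'alias' `output format, the `EXTRA_PER_ALIAS` constant, the sample aliases and every function name are assumptions made for the illustration. It puts the flawed size calculation beside a corrected one and a bounds-checked formatter that reports the bytes it needs instead of writing past the buffer.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample attribute-type aliases; not data taken from 389-ds-base. */
static const char *const sample_aliases[] = { "cn", "commonName", "displayName" };
static const size_t sample_count = sizeof sample_aliases / sizeof sample_aliases[0];

/* Assumed output format for this illustration: each alias is rendered as
 * 'alias' followed by one space, e.g.  'cn' 'commonName'  so every alias
 * costs three characters beyond its own length (two quotes, one space). */
#define EXTRA_PER_ALIAS 3

/* Flawed sizing, the pattern the advisory describes: only the alias string
 * lengths are summed; quotes, separators and the NUL are never counted. */
size_t alias_buf_size_flawed(const char *const *names, size_t n)
{
    size_t total = 0;
    for (size_t i = 0; i < n; i++)
        total += strlen(names[i]);
    return total;
}

/* Corrected sizing: counts the formatting characters and the terminator. */
size_t alias_buf_size_fixed(const char *const *names, size_t n)
{
    size_t total = 1;                            /* NUL terminator */
    for (size_t i = 0; i < n; i++)
        total += strlen(names[i]) + EXTRA_PER_ALIAS;
    return total;
}

/* Bounds-checked formatter: writes what fits into dst (NUL-terminated when
 * cap > 0) and returns the length the complete output needs, snprintf-style,
 * so a caller can detect truncation rather than overrun the heap block.
 * Passing dst == NULL with cap == 0 only measures. */
size_t format_aliases(const char *const *names, size_t n, char *dst, size_t cap)
{
    size_t used = 0;
    if (cap > 0)
        dst[0] = '\0';
    for (size_t i = 0; i < n; i++) {
        size_t off  = used < cap ? used : cap;   /* never past the end */
        size_t room = cap - off;                 /* 0 once the buffer is full */
        int w = snprintf(dst + off, room, "'%s' ", names[i]);
        if (w < 0)                               /* encoding error: count nothing */
            w = 0;
        used += (size_t)w;
    }
    return used;
}

/* Nonzero when the flawed size is smaller than the bytes the output needs
 * (output length plus NUL), i.e. when writing into it would overflow. */
int flawed_size_overflows(const char *const *names, size_t n)
{
    size_t needed = format_aliases(names, n, NULL, 0) + 1;
    return alias_buf_size_flawed(names, n) < needed;
}

int main(void)
{
    size_t flawed = alias_buf_size_flawed(sample_aliases, sample_count);
    size_t fixed  = alias_buf_size_fixed(sample_aliases, sample_count);
    char  *buf    = malloc(fixed);
    if (buf == NULL)
        return 1;
    size_t len = format_aliases(sample_aliases, sample_count, buf, fixed);
    printf("flawed size %zu, fixed size %zu, output needs %zu+1 bytes: %s\n",
           flawed, fixed, len, buf);
    printf("flawed size would overflow: %s\n",
           flawed_size_overflows(sample_aliases, sample_count) ? "yes" : "no");
    free(buf);
    return 0;
}
```

With the three constructed aliases the flawed calculation yields 23 bytes while the formatted output needs 33 including its terminator; the gap grows by three bytes per alias, which is why the advisory ties the overflow to a large number of aliases. The detection check a reviewer wants here is the last one: compute the size from the same format string the writer uses, or use a formatter that reports its required length and compare it against the allocation before trusting the buffer.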
NVD CVSS 3.1: 7.2
Vulnerability type: CWE-122 (Heap-based Buffer Overflow)
- https://access.redhat.com/errata/RHSA-2026:3189
- https://access.redhat.com/errata/RHSA-2026:3208
- https://access.redhat.com/errata/RHSA-2026:3379
- https://access.redhat.com/errata/RHSA-2026:3504
- https://access.redhat.com/security/cve/CVE-2025-14905
- https://bugzilla.redhat.com/show_bug.cgi?id=2423624
- https://access.redhat.com/errata/RHSA-2026:4207
Published: 23 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026