389-ds-base-2.7.0-10.el9_7

エラータID: AXSA:2026-239:01

リリース日: 
2026/02/27 Friday - 18:34
題名: 
389-ds-base-2.7.0-10.el9_7
影響のあるチャネル: 
MIRACLE LINUX 9 for x86_64
Severity: 
Moderate
Description: 

389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.

Security Fix(es):

* 389-ds-base: 389-ds-base: Remote Code Execution and Denial of Service via heap buffer overflow (CVE-2025-14905)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2025-14905
A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the `schema_attr_enum_callback` function within the `schema.c` file. This occurs because the code incorrectly calculates the buffer size by summing alias string lengths without accounting for additional formatting characters. When a large number of aliases are processed, this oversight can lead to a heap overflow, potentially allowing a remote attacker to cause a Denial of Service (DoS) or achieve Remote Code Execution (RCE).

解決策: 

Update packages.

CVE: 
CVE-2025-14905
A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the `schema_attr_enum_callback` function within the `schema.c` file. This occurs because the code incorrectly calculates the buffer size by summing alias string lengths without accounting for additional formatting characters. When a large number of aliases are processed, this oversight can lead to a heap overflow, potentially allowing a remote attacker to cause a Denial of Service (DoS) or achieve Remote Code Execution (RCE).
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. 389-ds-base-2.7.0-10.el9_7.src.rpm
    MD5: 88f78ce659d1851783d6faf39e00c17e
    SHA-256: 8cfa9e469f54f8d9eab54c338a85943fb73ab6bf9291f30e741102130e968bdb
    Size: 59.86 MB

Asianux Server 9 for x86_64
  1. 389-ds-base-2.7.0-10.el9_7.x86_64.rpm
    MD5: 1c58dc24c2b423de6043350ed1a746b1
    SHA-256: 58440b9f9632ec9ea05cbfe389dcc78212ad2cf18fa841e65520bc50dcc5ec00
    Size: 2.93 MB
  2. 389-ds-base-devel-2.7.0-10.el9_7.x86_64.rpm
    MD5: 157042f82a3c3907a3490b27b4733422
    SHA-256: e05dc81619bd8966013a9123cad6011ad0c7ff3f52d27e5908108222ba861f55
    Size: 125.59 kB
  3. 389-ds-base-libs-2.7.0-10.el9_7.x86_64.rpm
    MD5: ab7fbfb7241feaadcef388601c1a804d
    SHA-256: e0bd3ceabcf9220cc9b414e07d58578eb260be9d868dd43ac4604e01501808c7
    Size: 1.49 MB
  4. 389-ds-base-snmp-2.7.0-10.el9_7.x86_64.rpm
    MD5: 57b3601eab4030fbc3cc550f7e389650
    SHA-256: c40082523ee6ad5adcd28ae09d222d25ca223defc4c345b808b8e0821680db7b
    Size: 47.89 kB
  5. python3-lib389-2.7.0-10.el9_7.noarch.rpm
    MD5: 4104d125ef40e4391f3423481f1aa4d2
    SHA-256: c3b535fb54ef4db131826b61c8897b8e4fa8d76a87d71d6982a89bd6a23f9665
    Size: 1.09 MB