389-ds-base-2.7.0-10.el9_7
エラータID: AXSA:2026-239:01
リリース日:
2026/02/27 Friday - 18:34
題名:
389-ds-base-2.7.0-10.el9_7
影響のあるチャネル:
MIRACLE LINUX 9 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- 389-ds-base の schema_attr_enum_callback() 関数には、追加の
書式文字を考慮せずに文字列の長さを誤って算出してしまうことに起因
したヒープ領域のバッファオーバーフローの問題があるため、リモート
の攻撃者により、任意のコードの実行、およびサービス拒否攻撃を可能
とする脆弱性が存在します。(CVE-2025-14905)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2025-14905
A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the `schema_attr_enum_callback` function within the `schema.c` file. This occurs because the code incorrectly calculates the buffer size by summing alias string lengths without accounting for additional formatting characters. When a large number of aliases are processed, this oversight can lead to a heap overflow, potentially allowing a remote attacker to cause a Denial of Service (DoS) or achieve Remote Code Execution (RCE).
A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the `schema_attr_enum_callback` function within the `schema.c` file. This occurs because the code incorrectly calculates the buffer size by summing alias string lengths without accounting for additional formatting characters. When a large number of aliases are processed, this oversight can lead to a heap overflow, potentially allowing a remote attacker to cause a Denial of Service (DoS) or achieve Remote Code Execution (RCE).
追加情報:
N/A
ダウンロード:
SRPMS
- 389-ds-base-2.7.0-10.el9_7.src.rpm
MD5: 88f78ce659d1851783d6faf39e00c17e
SHA-256: 8cfa9e469f54f8d9eab54c338a85943fb73ab6bf9291f30e741102130e968bdb
Size: 59.86 MB
Asianux Server 9 for x86_64
- 389-ds-base-2.7.0-10.el9_7.x86_64.rpm
MD5: 1c58dc24c2b423de6043350ed1a746b1
SHA-256: 58440b9f9632ec9ea05cbfe389dcc78212ad2cf18fa841e65520bc50dcc5ec00
Size: 2.93 MB - 389-ds-base-devel-2.7.0-10.el9_7.x86_64.rpm
MD5: 157042f82a3c3907a3490b27b4733422
SHA-256: e05dc81619bd8966013a9123cad6011ad0c7ff3f52d27e5908108222ba861f55
Size: 125.59 kB - 389-ds-base-libs-2.7.0-10.el9_7.x86_64.rpm
MD5: ab7fbfb7241feaadcef388601c1a804d
SHA-256: e0bd3ceabcf9220cc9b414e07d58578eb260be9d868dd43ac4604e01501808c7
Size: 1.49 MB - 389-ds-base-snmp-2.7.0-10.el9_7.x86_64.rpm
MD5: 57b3601eab4030fbc3cc550f7e389650
SHA-256: c40082523ee6ad5adcd28ae09d222d25ca223defc4c345b808b8e0821680db7b
Size: 47.89 kB - python3-lib389-2.7.0-10.el9_7.noarch.rpm
MD5: 4104d125ef40e4391f3423481f1aa4d2
SHA-256: c3b535fb54ef4db131826b61c8897b8e4fa8d76a87d71d6982a89bd6a23f9665
Size: 1.09 MB
English