Red Hat Directory Server / DIRSRV-81

CVE-2024-5953 redhat-ds:12/389-ds-base: Malformed userPassword hash may cause Denial of Service [directory_server_13.0]

    • Bug
    • Resolution: Duplicate
    • Normal
    • dirsrv-13.0
    • dirsrv-12.3
    • 389-ds-base
    • rhel-sst-idm-ds

      Description of problem:
      Customer is trying to migrate to RHDS 12.
      They are running some tests with RHDS 12.3 and they are getting ns-slapd crashes regularly.
      There are 3 custom plugins and the DNA plugin is enabled.

      Version-Release number of selected component (if applicable):
      $ cat <SOS_REPORT>/etc/redhat-release
      Red Hat Enterprise Linux release 9.3 (Plow)
      $
      $ grep 389-ds <SOS_REPORT>/installed-rpms
      389-ds-base-2.3.6-8.module+el9dsrv+20821+6bc979c1.x86_64 Thu Feb 15 18:33:01 2024
      389-ds-base-libs-2.3.6-8.module+el9dsrv+20821+6bc979c1.x86_64 Thu Feb 15 18:33:01 2024
      cockpit-389-ds-2.3.6-8.module+el9dsrv+20821+6bc979c1.noarch Thu Feb 15 18:33:40 2024
      $

      How reproducible:
      Regularly at customer site.

      Steps to Reproduce:
      Customer could crash the server with some DEL / ADD / MOD operations.

      Actual results:
      ns-slapd is crashing.

      Expected results:
      Server should not crash.

      Additional info:
      The stacktraces are all different.
      This likely indicates memory corruption issues.

              idm-ds-dev-bugs IdM DS Dev
              rhn-support-tmihinto Têko Mihinto
              IdM DS QE
              Evgenia Martyniuk