Loading...

Linking RHIVOS CVEs to...

Migration: Automation ...

SWIFT: POC Conversion

Sync from "Extern...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Undefined
Fix Version/s: rhel-9.7
Affects Version/s: rhel-9.7
Component/s: ipa
Labels:
- commit
- fixed_upstream

Fixed in Build:
ipa-4.12.2-20.el9
Regression:
No
Severity:
Important
Epic Link:
IDM-1265
sprint_count:
2

AssignedTeam:
rhel-idm-ipa

Dev Target Milestone:
25
Internal Target Milestone:
27
Story Points:
2
ACKs Check:

QE ack, Dev ack
Blocked:
False
Ready:
False
Blocked Reason:

Hide

None

Show
None
Product Documentation Required:
No
Sprint:
2025-IDM-IPA-S1, 2025-IDM-IPA-S2

Preliminary Testing:
Pass
Errata Link:
https://errata.engineering.redhat.com/advisory/148368
Test Coverage:

Manual

Release Note Type:
Unspecified Release Note Type - Unknown
ProdDocsReview-CCS:
Unspecified
ProdDocsReview-Dev:
Unspecified
ProdDocsReview-QE:
Unspecified

Experience:

PX Impact Score:
SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Planning:
None

acl_list was set to prev->tl_data_contents and its value is freed but then is is freed again outside of the if(). Just reset acl_list pointer as prev->tl_data_contents is removed unconditionally outside of the RBCD ACL removal.

This can be reproduced by setting an RBCD ACL on a principal and then running kadmin.local getprincs:

# kinit admin
# ipa service-add cifs/server.ipa.test
# kadmin.local getprincs
double free or corruption (fasttop)
Aborted (core dumped)
#

links to

freeipa pagure 9367

RHBA-2025:148368 ipa bug fix and enhancement update

Assignee:: Florence Renaud

Reporter:: Florence Renaud

Developer:: Florence Renaud

QA Contact:: Sudhir Menon

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Created:: 2025/07/25 8:24 AM

Updated:: 2025/09/03 11:29 AM

Dev Target end:: 2025/08/18

Target end:: 2025/09/01

Next Planned Release Date:: 2025/11/11

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates