RHSA-2026:3379
Vulnerability from csaf_redhat - Published: 2026-02-25 20:03 - Updated: 2026-02-25 20:05
Summary
Red Hat Security Advisory: Red Hat Directory Server 13.1 container image available as a Technology Preview
Notes
Topic
Red Hat Directory Server 13.1 container images for RHEL 10 are now available as a Technology Preview in the Red Hat container registry.
Details
Red Hat Directory Server is an LDAPv3-compliant directory server. The image is maintained by Red Hat and updated regularly.
To pull this container image, run the following command: podman pull registry.redhat.io/dirsrv/dirsrv-container-rhel10:13.1
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Directory Server 13.1 container images for RHEL 10 are now available as a Technology Preview in the Red Hat container registry.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Directory Server is an LDAPv3-compliant directory server. The image is maintained by Red Hat and updated regularly.\nTo pull this container image, run the following command: podman pull registry.redhat.io/dirsrv/dirsrv-container-rhel10:13.1",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:3379",
"url": "https://access.redhat.com/errata/RHSA-2026:3379"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-14905",
"url": "https://access.redhat.com/security/cve/CVE-2025-14905"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://access.redhat.com/support/offerings/techpreview",
"url": "https://access.redhat.com/support/offerings/techpreview"
},
{
"category": "external",
"summary": "https://catalog.redhat.com/software/containers/search",
"url": "https://catalog.redhat.com/software/containers/search"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_directory_server/13/html/red_hat_directory_server_13_release_notes/index",
"url": "https://docs.redhat.com/en/documentation/red_hat_directory_server/13/html/red_hat_directory_server_13_release_notes/index"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_3379.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Directory Server 13.1 container image available as a Technology Preview",
"tracking": {
"current_release_date": "2026-02-25T20:05:11+00:00",
"generator": {
"date": "2026-02-25T20:05:11+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2026:3379",
"initial_release_date": "2026-02-25T20:03:51+00:00",
"revision_history": [
{
"date": "2026-02-25T20:03:51+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-25T20:04:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-25T20:05:11+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Directory Server 13.1",
"product": {
"name": "Red Hat Directory Server 13.1",
"product_id": "Red Hat Directory Server 13.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:directory_server:13.1::el10"
}
}
}
],
"category": "product_family",
"name": "Red Hat Directory Server"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/dirsrv/dirsrv-container-rhel10@sha256:5e49efa2b8764403fad13b81c968b76c7b6400fabd83bf95e2f7667b90e93ab5_amd64",
"product": {
"name": "registry.redhat.io/dirsrv/dirsrv-container-rhel10@sha256:5e49efa2b8764403fad13b81c968b76c7b6400fabd83bf95e2f7667b90e93ab5_amd64",
"product_id": "registry.redhat.io/dirsrv/dirsrv-container-rhel10@sha256:5e49efa2b8764403fad13b81c968b76c7b6400fabd83bf95e2f7667b90e93ab5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/dirsrv-container-rhel10@sha256%3A5e49efa2b8764403fad13b81c968b76c7b6400fabd83bf95e2f7667b90e93ab5?arch=amd64\u0026repository_url=registry.redhat.io/dirsrv\u0026tag=1772040913"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/dirsrv/dirsrv-container-rhel10@sha256:5e49efa2b8764403fad13b81c968b76c7b6400fabd83bf95e2f7667b90e93ab5_amd64 as a component of Red Hat Directory Server 13.1",
"product_id": "Red Hat Directory Server 13.1:registry.redhat.io/dirsrv/dirsrv-container-rhel10@sha256:5e49efa2b8764403fad13b81c968b76c7b6400fabd83bf95e2f7667b90e93ab5_amd64"
},
"product_reference": "registry.redhat.io/dirsrv/dirsrv-container-rhel10@sha256:5e49efa2b8764403fad13b81c968b76c7b6400fabd83bf95e2f7667b90e93ab5_amd64",
"relates_to_product_reference": "Red Hat Directory Server 13.1"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"organization": "Red Hat Inc.",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2025-14905",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2025-12-18T18:04:56.621000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2423624"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the `schema_attr_enum_callback` function within the `schema.c` file. This occurs because the code incorrectly calculates the buffer size by summing alias string lengths without accounting for additional formatting characters. When a large number of aliases are processed, this oversight can lead to a heap overflow, potentially allowing a remote attacker to cause a Denial of Service (DoS) or achieve Remote Code Execution (RCE).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "389-ds-base: 389-ds-base: Remote Code Execution and Denial of Service via heap buffer overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate for Red Hat Directory Server. A heap buffer overflow in the `389-ds-base` component can lead to a denial of service or potential remote code execution. Exploitation requires high privileges on the Directory Server, limiting the attack surface to authenticated administrative users.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Directory Server 13.1:registry.redhat.io/dirsrv/dirsrv-container-rhel10@sha256:5e49efa2b8764403fad13b81c968b76c7b6400fabd83bf95e2f7667b90e93ab5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-14905"
},
{
"category": "external",
"summary": "RHBZ#2423624",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423624"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-14905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14905"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-14905",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14905"
}
],
"release_date": "2026-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-25T20:03:51+00:00",
"details": "The container image provided by this update can be downloaded from the Red Hat container registry at registry.redhat.io using the \"podman pull\" command. For more information about the image, search the \u003cimage_name\u003e in the Red Hat Ecosystem Catalog: https://catalog.redhat.com/software/containers/search",
"product_ids": [
"Red Hat Directory Server 13.1:registry.redhat.io/dirsrv/dirsrv-container-rhel10@sha256:5e49efa2b8764403fad13b81c968b76c7b6400fabd83bf95e2f7667b90e93ab5_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3379"
},
{
"category": "workaround",
"details": "Restrict network access to the 389-ds-base server to only trusted hosts and networks using firewall rules. Additionally, ensure that administrative access to the server is strictly limited to authorized personnel with strong authentication, as exploitation requires high privileges. This reduces the attack surface and the likelihood of an attacker gaining the necessary privileges to trigger the heap overflow.",
"product_ids": [
"Red Hat Directory Server 13.1:registry.redhat.io/dirsrv/dirsrv-container-rhel10@sha256:5e49efa2b8764403fad13b81c968b76c7b6400fabd83bf95e2f7667b90e93ab5_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Directory Server 13.1:registry.redhat.io/dirsrv/dirsrv-container-rhel10@sha256:5e49efa2b8764403fad13b81c968b76c7b6400fabd83bf95e2f7667b90e93ab5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "389-ds-base: 389-ds-base: Remote Code Execution and Denial of Service via heap buffer overflow"
}
]
}