ELSA-2025-4491

Опубликовано: 06 мая 2025

Источник: oracle-oval

Платформа: Oracle Linux 9

Описание

ELSA-2025-4491: 389-ds-base security update (MODERATE)

[2.5.2-9]

Resolves: RHEL-83874 - CVE-2025-2487 389-ds-base: null pointer dereference leads to denial of service [rhel-9.5.z]
Resolves: RHEL-80712 - Increased memory consumption caused by NDN cache [rhel-9.5.z]
Resolves: RHEL-87194 - Some replication status data are reset upon a restart. [rhel-9.5.z]

Обновленные пакеты

Oracle Linux 9

Oracle Linux aarch64

389-ds-base-devel

2.5.2-9.el9_5

389-ds-base

2.5.2-9.el9_5

389-ds-base-libs

2.5.2-9.el9_5

389-ds-base-snmp

2.5.2-9.el9_5

python3-lib389

2.5.2-9.el9_5

Oracle Linux x86_64

389-ds-base

2.5.2-9.el9_5

389-ds-base-libs

2.5.2-9.el9_5

389-ds-base-snmp

2.5.2-9.el9_5

python3-lib389

2.5.2-9.el9_5

389-ds-base-devel

2.5.2-9.el9_5

Связанные CVE

CVE-2025-2487

Ссылки на источники

Связанные уязвимости

CVE-2025-2487

CVSS3: 4.9

ubuntu

5 месяцев назад

A flaw was found in the 389-ds-base LDAP Server. This issue occurs when issuing a Modify DN LDAP operation through the ldap protocol, when the function return value is not tested and a NULL pointer is dereferenced. If a privileged user performs a ldap MODDN operation after a failed operation, it could lead to a Denial of Service (DoS) or system crash.