CVE-2021-27212

Опубликовано: 14 фев. 2021

Источник: redhat

CVSS3: 7.5

Описание

In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime.

A flaw was found in openldap. An assertion failure in slapd can occur resulting in a denial of service (daemon exit) via a short timestamp. The highest threat from this vulnerability is to system availability.

Отчет

Red Hat Enterprise Linux 8 and 9 are not affected as we have not shipped the OpenLDAP-servers package.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 6	compat-openldap	Out of support scope
Red Hat Enterprise Linux 6	openldap	Out of support scope
Red Hat Enterprise Linux 7	compat-openldap	Out of support scope
Red Hat Enterprise Linux 7	openldap	Out of support scope
Red Hat Enterprise Linux 8	openldap	Not affected
Red Hat Enterprise Linux 9	openldap	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-400

https://bugzilla.redhat.com/show_bug.cgi?id=1928774openldap: Assertion failure in slapd in the issuerAndThisUpdateCheck function

7.5 High

CVSS3

Связанные уязвимости

CVE-2021-27212

CVSS3: 7.5

ubuntu

больше 4 лет назад

CVE-2021-27212

CVSS3: 7.5

nvd

больше 4 лет назад

CVE-2021-27212

CVSS3: 7.5

msrc

больше 4 лет назад

Описание отсутствует

CVE-2021-27212

CVSS3: 7.5

debian

больше 4 лет назад

In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion ...

GHSA-274h-c788-hf3c

github

около 3 лет назад

7.5 High

CVSS3