Bug 1630668 (CVE-2018-14648)
Summary: | CVE-2018-14648 389-ds-base: Mishandled search requests in servers/slapd/search.c:do_search() allows for denial of service | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | [Other] Security Response | Reporter: | Sam Fowler <sfowler> | ||||||
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> | ||||||
Status: | CLOSED ERRATA | QA Contact: | |||||||
Severity: | medium | Docs Contact: | |||||||
Priority: | medium | ||||||||
Version: | unspecified | CC: | carnil, cbuissar, lkrispen, mhonek, mreynolds, nkinder, rmeggins, security-response-team, spichugi, tbordaz, vashirov | ||||||
Target Milestone: | --- | Keywords: | Security | ||||||
Target Release: | --- | ||||||||
Hardware: | All | ||||||||
OS: | Linux | ||||||||
Whiteboard: | |||||||||
Fixed In Version: | 389-ds-base 1.4.0.18, 389-ds-base 1.3.8.10 | Doc Type: | If docs needed, set a value | ||||||
Doc Text: |
It was found that a specially crafted search query could lead to excessive CPU consumption in the do_search() function. An unauthenticated attacker could use this flaw to provoke a denial of service.
|
Story Points: | --- | ||||||
Clone Of: | Environment: | ||||||||
Last Closed: | 2019-06-10 10:38:20 UTC | Type: | --- | ||||||
Regression: | --- | Mount Type: | --- | ||||||
Documentation: | --- | CRM: | |||||||
Verified Versions: | Category: | --- | |||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||
Embargoed: | |||||||||
Bug Depends On: | 1624004, 1631695, 1631696, 1633740 | ||||||||
Bug Blocks: | 1630669 | ||||||||
Attachments: |
|
Description
Sam Fowler
2018-09-19 03:46:12 UTC
Created 389-ds-base tracking bugs for this issue: Affects: fedora-all [bug 1631695] Sam, is there a upstream issue reference for this issue (and a commit reference)? Hi, Correcting the needinfo. The assigned engineer is on leave and you should get an update early next week. Regards YOG. Created attachment 1491956 [details]
fix for v1.3.8.4 (1/2)
Created attachment 1491958 [details]
additional regression fix for v1.3.8.4 (2/2)
Hi Salvatore, The fix has not been pushed upstream yet. You will find a proposed fix for v1.3.8.4 attachment (2 patches) External References: https://pagure.io/389-ds-base/issue/49969 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:3127 https://access.redhat.com/errata/RHSA-2018:3127 This issue has been addressed in the following products: Red Hat Enterprise Linux 7.5 Extended Update Support Via RHSA-2018:3507 https://access.redhat.com/errata/RHSA-2018:3507 Patches are attached to this bugzilla. For upstream fixes: Fixed in 1.4.0.18 : https://pagure.io/389-ds-base/c/a49bd03d6 https://pagure.io/389-ds-base/c/a6369790c For older branches: * 1.3.7 : https://pagure.io/389-ds-base/c/c8ec6e58c https://pagure.io/389-ds-base/c/722a6f867 * 1.3.8 : https://pagure.io/389-ds-base/c/5fc374b43 https://pagure.io/389-ds-base/c/bdb1af66c |