Bug 2459270 (CVE-2026-34232)

Summary: CVE-2026-34232 Firebird: Firebird: Denial of Service via crafted op_response packet
Product: [Other] Security Response
Reporter: OSIDB Bzimport <bzimport>
Component: vulnerability
Assignee: Product Security DevOps Team <prodsec-dev>
Status: NEW ---
QA Contact:
Severity: medium
Docs Contact:
Priority: medium
Version: unspecified
Keywords: Security
Target Milestone: ---
Target Release: ---
Hardware: All
OS: Linux
Whiteboard:
Fixed In Version:
Doc Type: ---
Doc Text:
A flaw was found in Firebird, an open-source relational database management system. The `xdr_status_vector()` function, responsible for decoding server responses, does not properly handle a specific data type (`isc_arg_cstring`) within an `op_response` packet. An unauthenticated attacker can exploit this vulnerability by sending a specially crafted `op_response` packet to the server, leading to a server crash and a Denial of Service (DoS).
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Target Upstream Version:
Embargoed:
Bug Depends On: 2459718, 2459719, 2459721, 2459720
Bug Blocks:

Description OSIDB Bzimport 2026-04-17 20:01:29 UTC
Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the xdr_status_vector() function does not handle the isc_arg_cstring type when decoding an op_response packet, causing a server crash when one is encountered in the status vector. An unauthenticated attacker can exploit this by sending a crafted op_response packet to the server. This issue has been fixed in versions 5.0.4, 4.0.7 and 3.0.14.