A flaw was found in 389 Directory Server, affecting all versions including upstream 1.4.x. An improper handling of the search feature with an extended filter, when read access on <attribute_name> is enabled, in the SetUnicodeStringFromUTF_8 function in collate.c, can lead to out-of-bounds memory operations. This may allow a remote unauthenticated attacker to trigger a server crash, thus resulting in denial of service.
External References: https://pagure.io/389-ds-base/issue/49545
Upstream Patch: https://pagure.io/389-ds-base/c/14ce2fe0dfa67405dae
Created 389-ds-base tracking bugs for this issue:
Affects: fedora-all [bug 1551515]
Created attachment 1404619: Patch for CVE-2018-1054
Patch for CVE-2018-1054 attached.
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7, via RHSA-2018:0414 https://access.redhat.com/errata/RHSA-2018:0414
Fixed upstream in versions 1.3.6.14, 1.3.7.10, and 1.4.0.6:
http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-6-14.html
http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-7-10.html
http://directory.fedoraproject.org/docs/389ds/releases/release-1-4-0-6.html
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6, via RHSA-2018:0515 https://access.redhat.com/errata/RHSA-2018:0515