Fedora Account System
Red Hat Associate
Red Hat Customer
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. The dereference control plugin in 389 Directory Server fails to check the return value of ber_init() for NULL before use in deref_parse_ctrl_value() (deref.c). When memory allocation fails under memory pressure, an unauthenticated LDAP client sending a search with the deref control can crash ns-slapd. The deref plugin is enabled by default. Crash confirmed via GDB fault injection on Fedora 42 (SIGABRT) and CentOS 7 (SIGSEGV on OpenLDAP 2.4). Vulnerable code present since deref plugin introduction in 389-ds-base 1.2.6 (~2010).