Fedora Account System
Red Hat Associate
Red Hat Customer
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. A flaw was found in 389 Directory Server. The PBKDF2-SHA256 password verification function pbkdf2_sha256_pw_cmp() in ldap/servers/plugins/pwdstorage/pbkdf2_pwd.c uses standard memcmp() for hash comparison instead of the project's constant-time slapi_ct_memcmp(). Every other password storage scheme in the same plugin uses slapi_ct_memcmp(), which was introduced specifically to prevent timing side-channels (see CVE-2016-5405). This inconsistency allows a remote attacker with network access to the LDAP service to potentially infer partial hash information through repeated timing measurements of LDAP bind attempts. Practical exploitation is extremely difficult due to the PBKDF2 work factor (8192+ iterations, ~2ms computation time) which dominates and masks the nanosecond-level memcmp timing delta.