Bug 1899675 (CVE-2020-25709) - CVE-2020-25709 openldap: assertion failure in Certificate List syntax validation
Summary: CVE-2020-25709 openldap: assertion failure in Certificate List syntax validation
Keywords:
Status: CLOSED WONTFIX
Alias: CVE-2020-25709
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1900139 2040539
Blocks: 1899680 1939986
TreeView+ depends on / blocked
 
Reported: 2020-11-19 18:52 UTC by Guilherme de Almeida Suckevicz
Modified: 2022-02-22 16:59 UTC (History)
50 users (show)

See Also:
Fixed In Version: openldap 2.4.56
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability.
Clone Of:
Environment:
Last Closed: 2022-01-15 01:30:46 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2022:0621 0 None None None 2022-02-22 16:59:40 UTC

Description Guilherme de Almeida Suckevicz 2020-11-19 18:52:14 UTC 
A malicious packet can force OpenLDAP to fail an assertion in certificateListValidate function in servers/slapd/schema_init.c.

Reference:
https://bugs.openldap.org/show_bug.cgi?id=9383

Upstream patch:
https://git.openldap.org/openldap/openldap/-/commit/67670f4544e28fb09eb7319c39f404e1d3229e65
Comment 3 Todd Cullum 2020-11-23 20:26:08 UTC 
External References:

https://git.openldap.org/openldap/openldap/-/commit/ab3915154e69920d480205b4bf5ccb2b391a0a1f#a2feb6ed0257c21c6672793ee2f94eaadc10c72c
Comment 8 Todd Cullum 2020-12-02 17:55:12 UTC 
Statement:

This flaw does not affect Red Hat Enterprise Linux 8 because the slapd server is not shipped in the Red Hat Enterprise Linux 8 repositories.
Comment 15 Product Security DevOps Team 2021-07-02 04:40:24 UTC 
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2020-25709
Comment 17 Product Security DevOps Team 2022-01-14 01:00:40 UTC 
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2020-25709
Comment 19 Product Security DevOps Team 2022-01-15 01:30:43 UTC 
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2020-25709
Comment 24 errata-xmlrpc 2022-02-22 16:59:37 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2022:0621 https://access.redhat.com/errata/RHSA-2022:0621
Note You need to log in before you can comment on or make changes to this bug.