2293579 – (CVE-2024-6237) CVE-2024-6237 389-ds-base: unauthenticated user can trigger a DoS by sending a specific extended search request

Bug 2293579 (CVE-2024-6237) - CVE-2024-6237 389-ds-base: unauthenticated user can trigger a DoS by sending a specific extended search request

Summary: CVE-2024-6237 389-ds-base: unauthenticated user can trigger a DoS by sending ...

Keywords:
Status:	NEW
Alias:	CVE-2024-6237
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2293926 2293927 2293928 2293929 2294858 2294859
Blocks:	2293580
TreeView+	depends on / blocked

Reported:	2024-06-21 02:42 UTC by Robb Gatica
Modified:	2024-10-10 13:50 UTC (History)
CC List:	13 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2024:4997	0	None	None	None	2024-08-05 00:59:26 UTC
Red Hat Product Errata	RHSA-2024:5192	0	None	None	None	2024-08-12 01:26:43 UTC

Description Robb Gatica 2024-06-21 02:42:14 UTC

Summary:
An unauthenticated user can cause a systematic server crash while sending a specific extended search request.

Description:
389-ds-base  in RHEL 9.4 - RHDS 12.4, supports a new matching rule  (inchain or 1.2.840.113556.1.4.1941). This matching rule requires that 
the matching attribute has a DN syntax. If the attribute in the ldap client request is not DN syntax, the server logs a message. The format of the message requires an attribute but as the attribute is missing, it triggers a SEGV.

Steps to reproduce:
See below

Comment 12 Thomas Eagle 2024-06-28 21:14:09 UTC

product definitions have been updated for 12.3, 12.4, and 12.5

Comment 19 Sandipan Roy 2024-07-09 17:05:18 UTC

Public Issue: https://github.com/389ds/389-ds-base/issues/5989

Comment 20 errata-xmlrpc 2024-08-05 00:59:25 UTC

This issue has been addressed in the following products:

  Red Hat Directory Server 12.4 for RHEL 9

Via RHSA-2024:4997 https://access.redhat.com/errata/RHSA-2024:4997

Comment 21 errata-xmlrpc 2024-08-12 01:26:41 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:5192 https://access.redhat.com/errata/RHSA-2024:5192

Note You need to log in before you can comment on or make changes to this bug.