A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr.
History

Thu, 10 Oct 2024 14:45:00 +0000

Type Values Removed Values Added
First Time appeared Fedoraproject
Fedoraproject fedora
Redhat 389 Directory Server
Redhat enterprise Linux Eus
Redhat enterprise Linux For Arm 64 Eus
Redhat enterprise Linux For Ibm Z Systems
Redhat enterprise Linux For Ibm Z Systems Eus
Redhat enterprise Linux For Power Little Endian Eus
Redhat enterprise Linux Server Aus
Redhat enterprise Linux Server For Power Little Endian Update Services For Sap Solutions
Redhat enterprise Linux Server Tus
Redhat enterprise Linux Update Services For Sap Solutions
CPEs cpe:2.3:a:redhat:directory_server:-:*:*:*:*:*:*:*
cpe:2.3:a:redhat:directory_server:11.7:*:*:*:*:*:*:*
cpe:2.3:a:redhat:directory_server:11.8:*:*:*:*:*:*:*
cpe:2.3:a:redhat:directory_server:12.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:41:*:*:*:*:*:*:*
cpe:2.3:o:redhat:389_directory_server:*:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.8:*:*:*:*:*:*:*
Vendors & Products Fedoraproject
Fedoraproject fedora
Redhat 389 Directory Server
Redhat enterprise Linux Eus
Redhat enterprise Linux For Arm 64 Eus
Redhat enterprise Linux For Ibm Z Systems
Redhat enterprise Linux For Ibm Z Systems Eus
Redhat enterprise Linux For Power Little Endian Eus
Redhat enterprise Linux Server Aus
Redhat enterprise Linux Server For Power Little Endian Update Services For Sap Solutions
Redhat enterprise Linux Server Tus
Redhat enterprise Linux Update Services For Sap Solutions

Tue, 01 Oct 2024 18:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 01 Oct 2024 17:30:00 +0000

Type Values Removed Values Added
First Time appeared Redhat directory Server Eus
CPEs cpe:/a:redhat:directory_server_eus:12.2::el9
Vendors & Products Redhat directory Server Eus
References

Wed, 21 Aug 2024 19:15:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:rhel_eus:8.8

Wed, 21 Aug 2024 12:45:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:rhel_eus:8.8::appstream
References

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2024-02-12T13:04:39.944Z

Updated: 2024-12-04T14:20:42.482Z

Reserved: 2024-01-30T08:40:08.731Z

Link: CVE-2024-1062

cve-icon Vulnrichment

Updated: 2024-08-01T18:26:30.502Z

cve-icon NVD

Status : Modified

Published: 2024-02-12T13:15:09.210

Modified: 2024-11-21T08:49:42.513

Link: CVE-2024-1062

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-01-30T00:00:00Z

Links: CVE-2024-1062 - Bugzilla