An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck).
The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Openldap | Openldap | * | 2.4.57 (excluding) |
Openldap | Ubuntu | bionic | * |
Openldap | Ubuntu | devel | * |
Openldap | Ubuntu | esm-infra-legacy/trusty | * |
Openldap | Ubuntu | focal | * |
Openldap | Ubuntu | groovy | * |
Openldap | Ubuntu | hirsute | * |
Openldap | Ubuntu | impish | * |
Openldap | Ubuntu | jammy | * |
Openldap | Ubuntu | kinetic | * |
Openldap | Ubuntu | lunar | * |
Openldap | Ubuntu | mantic | * |
Openldap | Ubuntu | noble | * |
Openldap | Ubuntu | oracular | * |
Openldap | Ubuntu | precise/esm | * |
Openldap | Ubuntu | trusty | * |
Openldap | Ubuntu | trusty/esm | * |
Openldap | Ubuntu | upstream | * |
Openldap | Ubuntu | xenial | * |