A flaw was found in slapi-nis in versions before 0.56.7. A NULL pointer dereference during the parsing of the Binding DN could allow an unauthenticated attacker to crash the 389-ds-base directory server. The highest threat from this vulnerability is to system availability.
Weakness
The product dereferences a pointer that it expects to be valid but is NULL.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Slapi-nis | Slapi-nis_project | * | 0.56.7 (excluding) |
| Red Hat Enterprise Linux 7 | RedHat | slapi-nis-0:0.56.5-4.el7_9 | * |
| Red Hat Enterprise Linux 8 | RedHat | idm:DL1-8040020210416132749.5b01ab7e | * |
| Red Hat Enterprise Linux 8.1 Extended Update Support | RedHat | idm:DL1-8010020210426160345.6573b795 | * |
| Red Hat Enterprise Linux 8.2 Extended Update Support | RedHat | idm:DL1-8020020210426160405.792f4060 | * |
| Slapi-nis | Ubuntu | bionic | * |
| Slapi-nis | Ubuntu | focal | * |
| Slapi-nis | Ubuntu | groovy | * |
| Slapi-nis | Ubuntu | hirsute | * |
| Slapi-nis | Ubuntu | impish | * |
| Slapi-nis | Ubuntu | kinetic | * |
| Slapi-nis | Ubuntu | lunar | * |
| Slapi-nis | Ubuntu | mantic | * |
| Slapi-nis | Ubuntu | oracular | * |
| Slapi-nis | Ubuntu | plucky | * |
| Slapi-nis | Ubuntu | trusty | * |
| Slapi-nis | Ubuntu | xenial | * |
Potential Mitigations
References
- https://bugzilla.redhat.com/show_bug.cgi?id=1944640
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GVQCDRQRFHXVR3Z3FQYM3UMC7QZUDDRJ/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MXMOMPTZTGOVFOZUUNXHOVCAYIPST74W/
- https://bugzilla.redhat.com/show_bug.cgi?id=1944640
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GVQCDRQRFHXVR3Z3FQYM3UMC7QZUDDRJ/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MXMOMPTZTGOVFOZUUNXHOVCAYIPST74W/