A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against an incomplete fix of CVE-2021-3514.
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Directory_server | Redhat | 11.0 (including) | 11.0 (including) |
Directory_server | Redhat | 12.0 (including) | 12.0 (including) |
Enterprise_linux | Redhat | 6.0 (including) | 6.0 (including) |
Enterprise_linux | Redhat | 7.0 (including) | 7.0 (including) |
Enterprise_linux | Redhat | 8.0 (including) | 8.0 (including) |
Enterprise_linux | Redhat | 9.0 (including) | 9.0 (including) |