An update for 389-ds-base is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base
packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.
Security Fix(es):
* 389-ds-base: 389-ds-base: Heap buffer overflow in sasl_io_recv() via padded
SASL UNBIND (CVE-2026-11610)
* 389-ds-base: 389-ds-base: integer overflow in SASL packet length bypasses
size limit leading to heap buffer overflow (CVE-2026-11774)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
CVE-2026-11610: Heap-based Buffer Overflow (CWE-122)
CVE-2026-11774: Integer Overflow or Wraparound (CWE-190)
| # | Наименование новости | Тональность | Информативность | Дата публикации |
|---|---|---|---|---|
| 1 | Zwei Probleme in 389-ds-base (Red Hat) | 0 | 5 | 08-07-2026 |
| 2 | Zwei Probleme in skopeo (Red Hat) | 0 | 5 | 08-07-2026 |
| 3 | Mehrere Probleme in Linux (Red Hat) | 0 | 5 | 08-07-2026 |
| 4 | Zwei Probleme in python-fastar (Fedora) | 0 | 5 | 08-07-2026 |
| 5 | Zwei Probleme in python-pillow-jxl-plugin (Fedora) | 0 | 5 | 08-07-2026 |
| 6 | Denial of Service in aardvark-dns (Red Hat) | 0 | 5 | 08-07-2026 |
| 7 | Zwei Probleme in python-rignore (Fedora) | 0 | 0 | 08-07-2026 |
| 8 | Denial of Service in freeipmi (Red Hat) | -5 | 7 | 08-07-2026 |
| 9 | Denial of Service in freeipmi (Red Hat) | 0 | 5 | 08-07-2026 |
| 10 | Mehrere Probleme in kubevirt-1.6 (SUSE) | 0 | 5 | 08-07-2026 |