CVE-2025-14905
389-ds-base: remote code execution and denial of service via heap buffer overflow
CVSS Score: 7.2
EPSS Score: 0.5%
EPSS Percentile: 64th
A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the `schema_attr_enum_callback` function within the `schema.c` file. This occurs because the code incorrectly calculates the buffer size by summing alias string lengths without accounting for additional formatting characters. When a large number of aliases are processed, this oversight can lead to a heap overflow, potentially allowing a remote attacker to cause a Denial of Service (DoS) or achieve Remote Code Execution (RCE).
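To illustrate the sizing error the description refers to, here is a constructed C example; it is not 389-ds-base code, and the `NAME ( 'a' 'b' )` rendering and the function names are assumptions. The naive size sums only the alias lengths, the exact size mirrors what the renderer emits, and the renderer refuses to write when the caller's buffer is smaller than that.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Constructed illustration of the bug class, not 389-ds-base code. Aliases
 * are rendered in RFC 4512 schema style: NAME ( 'a' 'b' 'c' ). Naive sizing
 * sums alias lengths only; every quote and separator the renderer emits goes
 * unaccounted for, so the shortfall grows by three bytes per alias. */
size_t naive_alias_buf_size(const char **aliases, size_t n)
{
    size_t len = 0;
    for (size_t i = 0; i < n; i++)
        len += strlen(aliases[i]);
    return len + 1;                      /* trailing NUL */
}

/* Exact sizing: mirrors render_aliases() byte for byte. Each alias costs
 * two quotes plus one separating space; the wrapper text is fixed. */
size_t exact_alias_buf_size(const char **aliases, size_t n)
{
    size_t len = strlen("NAME ( ") + strlen(")");
    for (size_t i = 0; i < n; i++)
        len += strlen(aliases[i]) + 3;
    return len + 1;                      /* trailing NUL */
}

/* Renders into a caller-supplied buffer, refusing to write if it is smaller
 * than the exact requirement. Returns chars written (no NUL), 0 on refusal. */
size_t render_aliases(const char **aliases, size_t n, char *out, size_t out_size)
{
    if (out_size < exact_alias_buf_size(aliases, n))
        return 0;
    size_t pos = (size_t)snprintf(out, out_size, "NAME ( ");
    for (size_t i = 0; i < n; i++)
        pos += (size_t)snprintf(out + pos, out_size - pos, "'%s' ", aliases[i]);
    pos += (size_t)snprintf(out + pos, out_size - pos, ")");
    return pos;
}

int main(void)
{
    const char *aliases[] = {"cn", "commonName", "name"};   /* constructed */
    size_t n = sizeof aliases / sizeof aliases[0];
    size_t need = exact_alias_buf_size(aliases, n);
    char *buf = malloc(need);
    if (buf == NULL || render_aliases(aliases, n, buf, need) == 0) return 1;
    printf("naive=%zu exact=%zu -> %s\n", naive_alias_buf_size(aliases, n), need, buf);
    free(buf);
    return 0;
}
```

With three short aliases the naive figure is already 17 bytes short of the 34 actually needed; the gap widens with every additional alias, which is why a large alias count is what turns the miscalculation into an overflow.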
| Field | Value |
|---|---|
| CWE | CWE-122 |
| Vendor | Red Hat |
| Product | Red Hat Directory Server 11.5 E4S for RHEL 8 |
| Published | Feb 23, 2026 |
| Last Updated | Mar 31, 2026 |
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector: Network
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Affected Versions
- Red Hat / Red Hat Directory Server 11.5 E4S for RHEL 8: all versions affected
- Red Hat / Red Hat Directory Server 11.7 E4S for RHEL 8: all versions affected
- Red Hat / Red Hat Directory Server 11.9 for RHEL 8: all versions affected
- Red Hat / Red Hat Directory Server 12.2 E4S for RHEL 9: all versions affected
- Red Hat / Red Hat Directory Server 12.4 EUS for RHEL 9: all versions affected
- Red Hat / Red Hat Enterprise Linux 10: all versions affected
- Red Hat / Red Hat Enterprise Linux 10.0 Extended Update Support: all versions affected
- Red Hat / Red Hat Enterprise Linux 7 Extended Lifecycle Support: all versions affected
- Red Hat / Red Hat Enterprise Linux 8: all versions affected
- Red Hat / Red Hat Enterprise Linux 8.2 Advanced Update Support: all versions affected
- Red Hat / Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support: all versions affected
- Red Hat / Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On: all versions affected
- Red Hat / Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support: all versions affected
- Red Hat / Red Hat Enterprise Linux 8.6 Telecommunications Update Service: all versions affected
- Red Hat / Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions: all versions affected
- Red Hat / Red Hat Enterprise Linux 8.8 Telecommunications Update Service: all versions affected
- Red Hat / Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions: all versions affected
- Red Hat / Red Hat Enterprise Linux 9: all versions affected
- Red Hat / Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions: all versions affected
- Red Hat / Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions: all versions affected
- Red Hat / Red Hat Enterprise Linux 9.4 Extended Update Support: all versions affected
- Red Hat / Red Hat Enterprise Linux 9.6 Extended Update Support: all versions affected
- Red Hat / Red Hat Directory Server 13.1: all versions affected
- Red Hat / Red Hat Directory Server 12: all versions affected
- Red Hat / Red Hat Directory Server 13: all versions affected
- Red Hat / Red Hat Enterprise Linux 6: all versions affected

References
- https://access.redhat.com/errata/RHSA-2026:3189
- https://access.redhat.com/errata/RHSA-2026:3208
- https://access.redhat.com/errata/RHSA-2026:3379
- https://access.redhat.com/errata/RHSA-2026:3504
- https://access.redhat.com/errata/RHSA-2026:4207
- https://access.redhat.com/errata/RHSA-2026:4661
- https://access.redhat.com/errata/RHSA-2026:4720
- https://access.redhat.com/errata/RHSA-2026:5196
- https://access.redhat.com/errata/RHSA-2026:5511
- https://access.redhat.com/errata/RHSA-2026:5512
- https://access.redhat.com/errata/RHSA-2026:5513
- https://access.redhat.com/errata/RHSA-2026:5514
- https://access.redhat.com/errata/RHSA-2026:5568
- https://access.redhat.com/errata/RHSA-2026:5569
- https://access.redhat.com/errata/RHSA-2026:5576
- https://access.redhat.com/errata/RHSA-2026:5597
- https://access.redhat.com/errata/RHSA-2026:5598
- https://access.redhat.com/errata/RHSA-2026:6220
- https://access.redhat.com/errata/RHSA-2026:6268
- https://access.redhat.com/security/cve/CVE-2025-14905
- https://bugzilla.redhat.com/show_bug.cgi?id=2423624
Credits
This issue was discovered by Red Hat Security Research Team (Red Hat Inc.).