๐Ÿ” CVE Alert

CVE-2026-9064

HIGH 7.5

389-ds-base: 389-ds-base: unbounded ldap controls count in get_ldapmessage_controls_ext() causes cpu and heap amplification (remote dos)

CVSS Score
7.5
EPSS Score
0.0%
EPSS Percentile
0th

A flaw was found in 389-ds-base. The get_ldapmessage_controls_ext() function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated attacker can send a specially crafted LDAP request containing hundreds of thousands of minimal controls within the default maximum BER message size (2 MB), causing excessive CPU consumption and heap allocation on the server. Under concurrent exploitation, this leads to significant latency degradation, worker thread starvation, or out-of-memory termination, resulting in a denial of service.

CWE CWE-770
Vendor red hat
Product red hat directory server 11.5 e4s for rhel 8
Published May 20, 2026
Last Updated Jun 30, 2026
Stay Ahead of the Next One

Get instant alerts for red hat red hat directory server 11.5 e4s for rhel 8

Be the first to know when new high vulnerabilities affecting red hat red hat directory server 11.5 e4s for rhel 8 are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Affected Versions

Red Hat / Red Hat Directory Server 11.5 E4S for RHEL 8
All versions affected
Red Hat / Red Hat Directory Server 11.7 E4S for RHEL 8
All versions affected
Red Hat / Red Hat Directory Server 11.9 for RHEL 8
All versions affected
Red Hat / Red Hat Directory Server 12.2 E4S for RHEL 9
All versions affected
Red Hat / Red Hat Directory Server 12.4 E4S for RHEL 9
All versions affected
Red Hat / Red Hat Enterprise Linux 10
All versions affected
Red Hat / Red Hat Enterprise Linux 10.0 Extended Update Support
All versions affected
Red Hat / Red Hat Enterprise Linux 7 Extended Lifecycle Support
All versions affected
Red Hat / Red Hat Enterprise Linux 8
All versions affected
Red Hat / Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
All versions affected
Red Hat / Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On
All versions affected
Red Hat / Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
All versions affected
Red Hat / Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On
All versions affected
Red Hat / Red Hat Enterprise Linux 8.8 Telecommunications Update Service
All versions affected
Red Hat / Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
All versions affected
Red Hat / Red Hat Enterprise Linux 9
All versions affected
Red Hat / Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions
All versions affected
Red Hat / Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions
All versions affected
Red Hat / Red Hat Enterprise Linux 9.6 Extended Update Support
All versions affected
Red Hat / Red Hat Directory Server 13.2
All versions affected
Red Hat / Red Hat Directory Server 12
All versions affected
Red Hat / Red Hat Directory Server 13
All versions affected
Red Hat / Red Hat Enterprise Linux 6
All versions affected

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:26452 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:26453 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:26454 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:26455 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:26456 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:26457 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:26458 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:26459 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:26460 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:26461 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:26463 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:26464 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:26465 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:26597 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:26599 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:26639 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:27125 access.redhat.com: https://access.redhat.com/security/cve/CVE-2026-9064 bugzilla.redhat.com: https://bugzilla.redhat.com/show_bug.cgi?id=2480093 security.access.redhat.com: https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-9064.json

Credits

Red Hat would like to thank Oleh Konko (1seal.org) for reporting this issue.