#VU54107 NULL pointer dereference in 389-ds-base - CVE-2021-3514


Vulnerability identifier: #VU54107

Vulnerability risk: Medium

CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-3514

CWE-ID: CWE-476

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
389-ds-base
Server applications / Directory software, identity management

Vendor: 389 Directory Server Project

Description

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error when using a sync_repl client in 389-ds-base. A remote authenticated user can cause a NULL pointer dereference using a specially crafted query and perform a denial of service (DoS) attack.

Mitigation
Install update from vendor's website.

Vulnerable software versions

389-ds-base: 1.4.3.1 - 1.4.4.15, 2.0.1 - 2.0.4

External links
https://github.com/389ds/389-ds-base/issues/4711
https://github.com/389ds/389-ds-base/commit/58dbf084a63e6dbbd999bf6a70475fad8255f26a
https://github.com/389ds/389-ds-base/commit/2e5b526012612d1d6ccace46398bee679a730271
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2021-3514

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Anolis OS update for 389-ds:1.4 module
Anolis OS update for 389-ds-base
Red Hat Directory Server 11 update for the redhat-ds:11 module
Anolis OS update for 389-ds:1.4 (Anolis OS 8.2) module
Arch Linux update for 389-ds-base
Red Hat Enterprise Linux 8.2 update for the 389-ds:1.4 module
Anolis OS update for 389-ds:1.4 (Anolis OS 8.4) module
Red Hat Enterprise Linux 8 update for the 389-ds:1.4 module
Denial of service in 389-ds-base
SUSE update for 389-ds