CVE-2025-14905 Red Hat — Exploit & Vulnerability Details HIGH

Parameter	Value
CVSS	7.2 (HIGH)
Type	CWE-122 (Heap-based Buffer Overflow)
Vendor	Red Hat
Public PoC	No

A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the `schema_attr_enum_callback` function within the `schema.c` file. This occurs because the code incorrectly calculates the buffer size by summing alias string lengths without accounting for additional formatting characters.

When a large number of aliases are processed, this oversight can lead to a heap overflow, potentially allowing a remote attacker to cause a Denial of Service (DoS) or achieve Remote Code Execution (RCE).

Attack Parameters

Attack Vector

Network

Can be exploited remotely

Attack Complexity

Low

Easy to exploit

Privileges Required

High

Admin privileges needed

User Interaction

None

No user interaction needed

Impact Assessment

Confidentiality

High

Complete data leak

Integrity

High

Complete data modification

Availability

High

Complete denial of service

CVSS Vector v3.1

Weakness Type (CWE)

CWE-122 Heap-based Buffer Overflow

Vulnerable Products

red hat:red hat directory server 13 red hat:red hat enterprise linux 10 red hat:red hat directory server 12 red hat:red hat enterprise linux 7 red hat:red hat enterprise linux 9 red hat:red hat enterprise linux 6 red hat:red hat directory server 12.4 eus for rhel 9 red hat:red hat directory server 11 red hat:red hat directory server 13.1 red hat:red hat enterprise linux 9.6 extended update support red hat:red hat enterprise linux 10.0 extended update support red hat:red hat enterprise linux 8

Menu

CVE-2025-14905

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

Vulnerable Products

References 21

Related Vulnerabilities

CVE-2026-35093

CVE-2026-5121

CVE-2026-5119

CVE-2026-0965

CVE-2026-0967

CVE Details

Editor's Choice

Stay informed on cybersecurity