5
CVE-2026-11791
- EPSS 0.21%
- Veröffentlicht 18.06.2026 14:44:32
- Zuletzt bearbeitet 30.06.2026 11:16:28
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
389-ds-base: 389-ds-base: use-after-free in schema reload via attr_syntax_swap_ht()
A flaw was found in 389 Directory Server. During schema reload, the attr_syntax_swap_ht() function unconditionally frees attribute syntax information nodes, bypassing the refcount-based deferred deletion used elsewhere in the attribute syntax subsystem. If an administrator triggers schema reload while concurrent LDAP query traffic is active, worker threads may access freed memory, resulting in use-after-free or double-free and a denial of service (server crash).
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Redhat ≫ Directory Server Version11.0
Redhat ≫ Directory Server Version12.0
Redhat ≫ Directory Server Version13.0
Redhat ≫ 389 Directory Server Version-
Redhat ≫ Enterprise Linux Version7.0
Redhat ≫ Enterprise Linux Version8.0
Redhat ≫ Enterprise Linux Version9.0
Redhat ≫ Enterprise Linux Version10.0
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.21% | 0.115 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 0.7 | 4.2 |
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H
|
| secalert@redhat.com | 5 | 0.7 | 4.2 |
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H
|
CWE-416 Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
https://access.redhat.com/security/cve/CVE-2026-11791
https://bugzilla.redhat.com/show_bug.cgi?id=2485414