vulnerability

Red Hat: CVE-2022-0918: CVE-2022-0918 389-ds-base: sending crafted message could result in DoS (Multiple Advisories)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:N/A:P)	Mar 16, 2022	Jun 29, 2022	Aug 7, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

Mar 16, 2022

Added

Jun 29, 2022

Modified

Aug 7, 2025

Description

A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a denial of service. The denial of service is triggered by a single message sent over a TCP connection, no bind or other authentication is required. The message triggers a segmentation fault that results in slapd crashing.

Solutions

no-fix-redhat-rpm-packageredhat-upgrade-389-ds-baseredhat-upgrade-389-ds-base-debuginforedhat-upgrade-389-ds-base-debugsourceredhat-upgrade-389-ds-base-develredhat-upgrade-389-ds-base-legacy-toolsredhat-upgrade-389-ds-base-legacy-tools-debuginforedhat-upgrade-389-ds-base-libsredhat-upgrade-389-ds-base-libs-debuginforedhat-upgrade-389-ds-base-snmpredhat-upgrade-389-ds-base-snmp-debuginforedhat-upgrade-python3-lib389

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today