CVE-2025-14905: Heap-based Buffer Overflow in Red Hat Red Hat Directory Server 11.5 E4S for RHEL 8
A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the `schema_attr_enum_callback` function within the `schema.c` file. This occurs because the code incorrectly calculates the buffer size by summing alias string lengths without accounting for additional formatting characters. When a large number of aliases are processed, this oversight can lead to a heap overflow, potentially allowing a remote attacker to cause a Denial of Service (DoS) or achieve Remote Code Execution (RCE).
AI Analysis
Technical Summary
A heap buffer overflow vulnerability (CVE-2025-14905) was identified in the 389-ds-base server used by Red Hat Directory Server 11.5 E4S for RHEL 8. The vulnerability arises from improper calculation of buffer size in the schema_attr_enum_callback function within schema.c, where alias string lengths are summed without accounting for additional formatting characters. When processing many aliases, this can overflow the heap buffer, potentially enabling remote code execution or denial of service. Red Hat has released security updates for 389-ds-base packages on Red Hat Enterprise Linux 9 and 10, with patches available for multiple architectures. The vendor advisory classifies the impact as Moderate and provides detailed instructions for applying the fixes.
Potential Impact
The vulnerability can lead to remote code execution or denial of service on affected Red Hat Directory Server installations. The CVSS score of 7.2 reflects high severity with network attack vector, low attack complexity, high confidentiality, integrity, and availability impacts. However, Red Hat rates the security impact as Moderate in their advisories. There are no known exploits in the wild at this time. The issue affects multiple Red Hat Enterprise Linux versions and architectures where 389-ds-base is deployed.
Mitigation Recommendations
Red Hat has released official security updates for 389-ds-base packages on Red Hat Enterprise Linux 9 and 10 that address CVE-2025-14905. Users should apply these updates promptly following the instructions in the Red Hat advisories (RHSA-2026:3189 and RHSA-2026:3208) and the knowledge base article https://access.redhat.com/articles/11258. No additional mitigation steps are indicated or required beyond applying the vendor-provided patches.
CVE-2025-14905: Heap-based Buffer Overflow in Red Hat Red Hat Directory Server 11.5 E4S for RHEL 8
Description
A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the `schema_attr_enum_callback` function within the `schema.c` file. This occurs because the code incorrectly calculates the buffer size by summing alias string lengths without accounting for additional formatting characters. When a large number of aliases are processed, this oversight can lead to a heap overflow, potentially allowing a remote attacker to cause a Denial of Service (DoS) or achieve Remote Code Execution (RCE).
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
A heap buffer overflow vulnerability (CVE-2025-14905) was identified in the 389-ds-base server used by Red Hat Directory Server 11.5 E4S for RHEL 8. The vulnerability arises from improper calculation of buffer size in the schema_attr_enum_callback function within schema.c, where alias string lengths are summed without accounting for additional formatting characters. When processing many aliases, this can overflow the heap buffer, potentially enabling remote code execution or denial of service. Red Hat has released security updates for 389-ds-base packages on Red Hat Enterprise Linux 9 and 10, with patches available for multiple architectures. The vendor advisory classifies the impact as Moderate and provides detailed instructions for applying the fixes.
Potential Impact
The vulnerability can lead to remote code execution or denial of service on affected Red Hat Directory Server installations. The CVSS score of 7.2 reflects high severity with network attack vector, low attack complexity, high confidentiality, integrity, and availability impacts. However, Red Hat rates the security impact as Moderate in their advisories. There are no known exploits in the wild at this time. The issue affects multiple Red Hat Enterprise Linux versions and architectures where 389-ds-base is deployed.
Mitigation Recommendations
Red Hat has released official security updates for 389-ds-base packages on Red Hat Enterprise Linux 9 and 10 that address CVE-2025-14905. Users should apply these updates promptly following the instructions in the Red Hat advisories (RHSA-2026:3189 and RHSA-2026:3208) and the knowledge base article https://access.redhat.com/articles/11258. No additional mitigation steps are indicated or required beyond applying the vendor-provided patches.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- redhat
- Date Reserved
- 2025-12-18T18:06:35.400Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 699c7b9bbe58cf853ba52827
Added to database: 2/23/2026, 4:08:59 PM
Last enriched: 4/3/2026, 1:01:06 PM
Last updated: 4/10/2026, 4:56:48 AM
Views: 130
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.