CVE-2026-11792: Heap-based Buffer Overflow in Red Hat Directory Server 11
CVE-2026-11792 is a heap-based buffer overflow vulnerability in Red Hat Directory Server 11's 389 Directory Server component. The flaw occurs in the create_masked_entry_string() function within auditlog.c when audit logging is enabled. This function copies a fixed-length password mask into a heap buffer without verifying the buffer size, which can lead to overflow if a short cleartext password is logged. The vulnerability can cause heap memory corruption and affect audit log output integrity. The CVSS score is 3.3, indicating low severity. No explicit affected versions or patch information are provided in the advisory.
AI Analysis
Technical Summary
A heap buffer overflow exists in the 389 Directory Server component of Red Hat Directory Server 11. Specifically, when audit logging is enabled, the create_masked_entry_string() function copies a fixed-length password mask into a heap buffer without checking if the buffer has sufficient space. If a short cleartext password is logged—possible only with non-default CLEAR password storage or a compromised replication peer—this results in a buffer overflow that corrupts heap memory and audit log output. The vulnerability has a CVSS v3.1 base score of 3.3 (low), with network attack vector, high attack complexity, requiring high privileges, no user interaction, unchanged scope, no confidentiality impact, low integrity impact, and low availability impact. Vendor advisories do not explicitly confirm a patch or remediation status for this specific issue.
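The sizing flaw described above and a bounds-safe alternative, as an added illustration. This is not code from 389 Directory Server: the mask value, the `userPassword: ` prefix, the sample entry, and the function names `masked_size`, `overflow_bytes` and `mask_entry` are assumptions.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical mask; the mask text and length in auditlog.c may differ. */
#define PW_MASK "********************"

/* Bytes needed for the masked entry: entry minus value, plus mask, plus NUL. */
static size_t masked_size(size_t entry_len, size_t val_len) {
    return entry_len - val_len + strlen(PW_MASK) + 1;
}

/* The sizing flaw described above: a buffer sized from the original entry
 * receives the fixed-length mask. Returns the bytes written past the end. */
static size_t overflow_bytes(size_t entry_len, size_t val_len) {
    size_t have = entry_len + 1, need = masked_size(entry_len, val_len);
    return need > have ? need - have : 0;
}

/* Hardened form: size the allocation from the mask length, not the value. */
static char *mask_entry(const char *entry, const char *attr) {
    size_t len = strlen(entry), mlen = strlen(PW_MASK);
    const char *hit = strstr(entry, attr);
    const char *val = hit ? hit + strlen(attr) : entry + len;
    size_t vlen = hit ? strcspn(val, "\n") : 0;   /* value ends at newline */
    size_t pre = (size_t)(val - entry);
    char *out = malloc(hit ? masked_size(len, vlen) : len + 1);
    if (out == NULL) return NULL;
    memcpy(out, entry, pre);                      /* text up to the value */
    if (hit) memcpy(out + pre, PW_MASK, mlen);    /* mask replaces value */
    memcpy(out + pre + (hit ? mlen : 0), val + vlen, len - pre - vlen + 1);
    return out;
}

int main(void) {
    /* Constructed sample entry with a 2-character cleartext value. */
    const char *e = "dn: uid=a\nuserPassword: ab\nchangetype: modify\n";
    char *m = mask_entry(e, "userPassword: ");
    if (m == NULL) return 1;
    printf("%s(unchecked copy would overrun by %zu bytes)\n",
           m, overflow_bytes(strlen(e), 2));
    free(m);
    return 0;
}
```

The overrun only appears when the logged value is shorter than the mask, which is why values at least as long as the mask mask cleanly and the defect stays hidden in ordinary testing.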
Potential Impact
The vulnerability can lead to heap memory corruption and corrupted audit log output when a short cleartext password is logged under specific conditions. The impact is limited to integrity and availability with low severity. There is no confidentiality impact reported. Exploitation requires high privileges and is of high complexity, reducing the likelihood of exploitation. No known exploits are reported in the wild.
Mitigation Recommendations
Patch status is not yet confirmed—check the vendor advisory for current remediation guidance. The Red Hat advisories linked do not explicitly mention a fix for this vulnerability. Users should monitor Red Hat's official advisories and apply updates to the 389 Directory Server component when a fix is released. Until then, consider disabling audit logging of cleartext passwords or using default password storage settings to reduce exposure.
CVSS v3.1
Score: 3.3 (low)
Technical Details
- Data Version: 5.2
- Assigner Short Name: redhat
- Date Reserved: 2026-06-09T13:02:09.570Z
- CVSS Version: 3.1
- State: PUBLISHED
- Remediation Level: null
- Vendor Advisory URLs:
  - https://access.redhat.com/errata/RHBA-2025:15534 (Red Hat)
  - https://access.redhat.com/security/cve/CVE-2026-11792 (Red Hat)
Threat ID: 6a28145b8dd33fbd85364a34
Added to database: 6/9/2026, 1:25:47 PM
Last enriched: 6/9/2026, 1:40:58 PM
Last updated: 6/9/2026, 2:57:54 PM