Red Hat Security Advisory: 389-ds-base security update
Two vulnerabilities have been identified in the 389 Directory Server (389-ds-base) used in Red Hat Enterprise Linux 9. The first (CVE-2024-5953) involves a malformed userPassword hash that may cause a denial of service (DoS). The second (CVE-2024-6237) allows an unauthenticated user to trigger a DoS by sending a specific extended search request. Red Hat has issued a security advisory with updates to address these issues. The vulnerabilities are rated as moderate in severity. The advisory covers multiple Red Hat Enterprise Linux 9 variants and architectures.
AI Analysis
Technical Summary
The 389 Directory Server, an LDAPv3 compliant server included in Red Hat Enterprise Linux 9, contains two moderate severity vulnerabilities. CVE-2024-5953 is a denial of service vulnerability caused by a malformed userPassword hash. CVE-2024-6237 allows an unauthenticated user to cause a denial of service by sending a crafted extended search request. Red Hat has released updated packages for 389-ds-base to fix these issues as part of advisory RHSA-2024:5192. The advisory applies to Red Hat Enterprise Linux 9 and its Extended Update Support and Extended Life Cycle variants across multiple architectures including x86_64, s390x, ppc64le, and aarch64.
Potential Impact
Successful exploitation of these vulnerabilities can result in denial of service conditions on the 389 Directory Server, potentially disrupting LDAP services. CVE-2024-5953 involves processing a malformed userPassword hash, while CVE-2024-6237 can be triggered by an unauthenticated user sending a specific extended search request. There is no indication of privilege escalation or data disclosure. No known exploits in the wild have been reported at this time.
Mitigation Recommendations
Red Hat has released updated 389-ds-base packages that address these vulnerabilities. Users of affected Red Hat Enterprise Linux 9 variants should apply the security update described in advisory RHSA-2024:5192 promptly. For detailed update instructions, refer to https://access.redhat.com/articles/11258. No additional mitigations are specified by the vendor. Patch status is confirmed as an official fix available from Red Hat.
Red Hat Security Advisory: 389-ds-base security update
Description
Two vulnerabilities have been identified in the 389 Directory Server (389-ds-base) used in Red Hat Enterprise Linux 9. The first (CVE-2024-5953) involves a malformed userPassword hash that may cause a denial of service (DoS). The second (CVE-2024-6237) allows an unauthenticated user to trigger a DoS by sending a specific extended search request. Red Hat has issued a security advisory with updates to address these issues. The vulnerabilities are rated as moderate in severity. The advisory covers multiple Red Hat Enterprise Linux 9 variants and architectures.
Affected software
Run on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The 389 Directory Server, an LDAPv3 compliant server included in Red Hat Enterprise Linux 9, contains two moderate severity vulnerabilities. CVE-2024-5953 is a denial of service vulnerability caused by a malformed userPassword hash. CVE-2024-6237 allows an unauthenticated user to cause a denial of service by sending a crafted extended search request. Red Hat has released updated packages for 389-ds-base to fix these issues as part of advisory RHSA-2024:5192. The advisory applies to Red Hat Enterprise Linux 9 and its Extended Update Support and Extended Life Cycle variants across multiple architectures including x86_64, s390x, ppc64le, and aarch64.
Potential Impact
Successful exploitation of these vulnerabilities can result in denial of service conditions on the 389 Directory Server, potentially disrupting LDAP services. CVE-2024-5953 involves processing a malformed userPassword hash, while CVE-2024-6237 can be triggered by an unauthenticated user sending a specific extended search request. There is no indication of privilege escalation or data disclosure. No known exploits in the wild have been reported at this time.
Mitigation Recommendations
Red Hat has released updated 389-ds-base packages that address these vulnerabilities. Users of affected Red Hat Enterprise Linux 9 variants should apply the security update described in advisory RHSA-2024:5192 promptly. For detailed update instructions, refer to https://access.redhat.com/articles/11258. No additional mitigations are specified by the vendor. Patch status is confirmed as an official fix available from Red Hat.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2024:5192
- Cve Count
- 2
- Additional Cves
- ["CVE-2024-6237"]
- Cvss Version
- null
Threat ID: 6a3da1f14853345fc1832d4b
Added to database: 06/25/2026, 21:47:29 UTC
Last enriched: 06/25/2026, 22:45:38 UTC
Last updated: 06/27/2026, 09:51:10 UTC
Views: 4
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.