CVE-2026-12528

MEDIUM(5.4)

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Risk Signal Score14/100 — NIEDRIG

CVSS 5.4 — Mittel

EPSS-Score

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

5.4

Technische Schwere

Beschreibung

A flaw was found in 389 Directory Server in the __aclp__normalize_acltxt() function of aclparse.c. A malformed ACI (Access Control Instruction) string can trigger heap-buffer-overflow writes and reads during ACI parsing. The function fails to validate that the ACI keyword has sufficient length after whitespace stripping, leading to a 1-byte out-of-bounds write and subsequent out-of-bounds reads. An authenticated user with write access to the aci attribute could send a crafted ACI value to silently corrupt heap memory in the directory server process.

Referenzen

https://access.redhat.com/security/cve/CVE-2026-12528
https://bugzilla.redhat.com/show_bug.cgi?id=2489835
https://github.com/389ds/389-ds-base/pull/7542