CVE-2024-1062

Published: Feb 12, 2024
Updated: Nov 16, 2025
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2024-1062" target="_blank" rel="noopener"> CVE-2024-1062
Severity: Medium
Exploit:

A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr.

CVSS v3:

CWEs:

Software	From	Fixed in
redhat / 389_directory_server	-	2.2.0
redhat / directory_server	11.7	11.7.x
redhat / directory_server	11.8	11.8.x
fedoraproject / fedora	39	39.x
fedoraproject / fedora	40	40.x
fedoraproject / fedora	41	41.x
redhat / directory_server	12.0	12.0.x
redhat / enterprise_linux	8.0	8.0.x
redhat / enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions	8.6	8.6.x
redhat / enterprise_linux_server_aus	8.6	8.6.x
redhat / enterprise_linux_server_tus	8.6	8.6.x
redhat / enterprise_linux_eus	8.6	8.6.x
redhat / enterprise_linux_server_tus	8.8	8.8.x
redhat / enterprise_linux_eus	8.8	8.8.x
redhat / enterprise_linux_server_aus	9.2	9.2.x
redhat / enterprise_linux_eus	9.2	9.2.x
redhat / enterprise_linux_for_power_little_endian_eus	9.2	9.2.x
redhat / enterprise_linux_for_arm_64_eus	9.2	9.2.x
redhat / enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions	9.2	9.2.x
redhat / enterprise_linux_for_arm_64_eus	8.6	8.6.x
redhat / enterprise_linux_for_arm_64_eus	8.8	8.8.x
redhat / enterprise_linux_for_ibm_z_systems_eus	8.8	8.8.x
redhat / enterprise_linux_for_ibm_z_systems	9.2	9.2.x
redhat / enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions	8.8	8.8.x
redhat / enterprise_linux_for_power_little_endian_eus	8.8	8.8.x
redhat / enterprise_linux_update_services_for_sap_solutions	8.6	8.6.x
redhat / enterprise_linux_update_services_for_sap_solutions	8.8	8.8.x

Vulnerability Database