Buffer overflow in Red Hat Directory Server 11
CVE-2026-11610
A heap buffer overflow flaw was found in the SASL I/O layer of 389 Directory Server (389-ds-base). After a successful SASL bind with integrity protection (SSF > 0), an authenticated attacker can send a specially crafted oversized LDAP UNBI…
Vulnerability class: Buffer Overflow
CVSS v3 metric
CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Red Hat Directory Server 11
- Red Hat Directory Server 11.5 E4s For Rhel 8 — versions 8060020260702180044.0ca98e7e
- Red Hat Directory Server 11.7 E4s For Rhel 8 — versions 8080020260702180836.f969626e
- Red Hat Directory Server 12
- Red Hat Directory Server 13
- Red Hat Enterprise Linux 10
- Red Hat Enterprise Linux 6
- Red Hat Enterprise Linux 7
- Red Hat Enterprise Linux 7 Extended Lifecycle Support — versions 0:1.3.11.1-13.el7_9
- Red Hat Enterprise Linux 8 — versions 8100020260626120929.25e700aa
Weakness classification (CWE)
References
- secalert@redhat.com (x_refsource_REDHAT, vdb-entry)
- secalert@redhat.com (x_refsource_REDHAT, issue-tracking)
- secalert@redhat.com (x_refsource_REDHAT, vendor-advisory)
- secalert@redhat.com (x_refsource_REDHAT, vendor-advisory)
- secalert@redhat.com (x_refsource_REDHAT, vendor-advisory)
- secalert@redhat.com (x_refsource_REDHAT, vendor-advisory)
- secalert@redhat.com (x_refsource_REDHAT, vendor-advisory)
- secalert@redhat.com (x_refsource_REDHAT, vendor-advisory)
- secalert@redhat.com (x_refsource_REDHAT, vendor-advisory)
- secalert@redhat.com (x_refsource_REDHAT, vendor-advisory)
Frequently asked questions
- What is CVE-2026-11610?
- CVE-2026-11610 is a high-severity vulnerability in Red Hat Directory Server 11, classified under Heap-based Buffer Overflow. CVSS score: 8.8/10. Published 2026-07-07.
- How severe is CVE-2026-11610?
- High severity. CVSS v3 base score is 8.8 out of 10.