High severity7.2NVD Advisory· Published Feb 23, 2026· Updated Apr 15, 2026
CVE-2025-14905
CVE-2025-14905
Description
A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the schema_attr_enum_callback function within the schema.c file. This occurs because the code incorrectly calculates the buffer size by summing alias string lengths without accounting for additional formatting characters. When a large number of aliases are processed, this oversight can lead to a heap overflow, potentially allowing a remote attacker to cause a Denial of Service (DoS) or achieve Remote Code Execution (RCE).
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
21- access.redhat.com/errata/RHSA-2026:3189nvd
- access.redhat.com/errata/RHSA-2026:3208nvd
- access.redhat.com/errata/RHSA-2026:3379nvd
- access.redhat.com/errata/RHSA-2026:3504nvd
- access.redhat.com/errata/RHSA-2026:4207nvd
- access.redhat.com/errata/RHSA-2026:4661nvd
- access.redhat.com/errata/RHSA-2026:4720nvd
- access.redhat.com/errata/RHSA-2026:5196nvd
- access.redhat.com/errata/RHSA-2026:5511nvd
- access.redhat.com/errata/RHSA-2026:5512nvd
- access.redhat.com/errata/RHSA-2026:5513nvd
- access.redhat.com/errata/RHSA-2026:5514nvd
- access.redhat.com/errata/RHSA-2026:5568nvd
- access.redhat.com/errata/RHSA-2026:5569nvd
- access.redhat.com/errata/RHSA-2026:5576nvd
- access.redhat.com/errata/RHSA-2026:5597nvd
- access.redhat.com/errata/RHSA-2026:5598nvd
- access.redhat.com/errata/RHSA-2026:6220nvd
- access.redhat.com/errata/RHSA-2026:6268nvd
- access.redhat.com/security/cve/CVE-2025-14905nvd
- bugzilla.redhat.com/show_bug.cginvd
News mentions
0No linked articles in our index yet.