{"id":"CVE-2018-14624","details":"A vulnerability was discovered in 389-ds-base through versions 1.3.7.10, 1.3.8.8 and 1.4.0.16. The lock controlling the error log was not correctly used when re-opening the log file in log__error_emergency(). An attacker could send a flood of modifications to a very large DN, which would cause slapd to crash.","modified":"2026-03-15T22:19:05.883772Z","published":"2018-09-06T14:29:00.447Z","related":["MGASA-2018-0404","SUSE-SU-2019:1207-1","SUSE-SU-2019:1207-2","openSUSE-SU-2019:1397-1","openSUSE-SU-2024:10593-1"],"references":[{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00033.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00037.html"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:2757"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14624"},{"type":"EVIDENCE","url":"https://pagure.io/389-ds-base/issue/49937"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-14624.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"1.3.7.10"}]},{"events":[{"introduced":"1.3.8.0"},{"last_affected":"1.3.8.8"}]},{"events":[{"introduced":"1.4.0.0"},{"last_affected":"1.4.0.16"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.6"}]},{"events":[{"introduced":"0"},{"last_affected":"7.5"}]},{"events":[{"introduced":"0"},{"last_affected":"7.6"}]},{"events":[{"introduced":"0"},{"last_affected":"7.6"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}