CVE-2021-27212

In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime.

Database specific

{
    "unresolved_ranges": [
        {
            "source": "CPE_FIELD",
            "extracted_events": [
                {
                    "last_affected": "10.0"
                }
            ],
            "cpe": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"
        },
        {
            "source": "CPE_FIELD",
            "cpe": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
            "extracted_events": [
                {
                    "last_affected": "9.0"
                }
            ]
        }
    ]
}

References

Affected packages

Git / github.com/openldap/openldap

Affected ranges

Type

GIT

Repo

https://github.com/openldap/openldap

Events

Introduced

Last affected

3b03d6bea27f29b7f7f91b3d5488fbd6e69b6c29

Last affected

7e717b033a73e47e7fadeee378e6aae28884e050

Last affected

4f2d6dd1ff980b7b51b0a8bbcbb08cdaa96826a3

Database specific

{
    "source": "CPE_FIELD",
    "cpe": [
        "cpe:2.3:a:openldap:openldap:*:*:*:*:*:*:*:*",
        "cpe:2.3:a:openldap:openldap:2.5.0:alpha:*:*:*:*:*:*",
        "cpe:2.3:a:openldap:openldap:2.5.1:alpha:*:*:*:*:*:*"
    ],
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.4.57"
        },
        {
            "last_affected": "2.5.0-alpha"
        },
        {
            "last_affected": "2.5.1-alpha"
        }
    ]
}

Affected versions

Other

ACLCHECK_0

AUTOCONF_2_57

LDAP_3_3+prerelease

LDBM_POST_GIANT_RWLOCK

LDBM_PRE_GIANT_RWLOCK

LOCKER_IDS

MIGRATION_CVS2GIT

NO_SLAP_OP_BLOCKS

OPENDLAP_REL_ENG_2_2_MP

OPENLDAP_AC_BP

OPENLDAP_REL_ENG_1_0_0

OPENLDAP_REL_ENG_2_1_BP

OPENLDAP_REL_ENG_2_1_MP

OPENLDAP_REL_ENG_2_2_BP

OPENLDAP_REL_ENG_2_2_MP

OPENLDAP_REL_ENG_2_3_BP

OPENLDAP_REL_ENG_2_3_MP

OPENLDAP_REL_ENG_2_4_0ALPHA

OPENLDAP_REL_ENG_2_4_10

OPENLDAP_REL_ENG_2_4_11

OPENLDAP_REL_ENG_2_4_12

OPENLDAP_REL_ENG_2_4_13

OPENLDAP_REL_ENG_2_4_14

OPENLDAP_REL_ENG_2_4_15

OPENLDAP_REL_ENG_2_4_16

OPENLDAP_REL_ENG_2_4_17

OPENLDAP_REL_ENG_2_4_18

OPENLDAP_REL_ENG_2_4_19

OPENLDAP_REL_ENG_2_4_1ALPHA

OPENLDAP_REL_ENG_2_4_20

OPENLDAP_REL_ENG_2_4_21

OPENLDAP_REL_ENG_2_4_22

OPENLDAP_REL_ENG_2_4_23

OPENLDAP_REL_ENG_2_4_24

OPENLDAP_REL_ENG_2_4_25

OPENLDAP_REL_ENG_2_4_26

OPENLDAP_REL_ENG_2_4_27

OPENLDAP_REL_ENG_2_4_28

OPENLDAP_REL_ENG_2_4_29

OPENLDAP_REL_ENG_2_4_2ALPHA

OPENLDAP_REL_ENG_2_4_30

OPENLDAP_REL_ENG_2_4_32

OPENLDAP_REL_ENG_2_4_33

OPENLDAP_REL_ENG_2_4_34

OPENLDAP_REL_ENG_2_4_35

OPENLDAP_REL_ENG_2_4_36

OPENLDAP_REL_ENG_2_4_37

OPENLDAP_REL_ENG_2_4_38

OPENLDAP_REL_ENG_2_4_39

OPENLDAP_REL_ENG_2_4_3ALPHA

OPENLDAP_REL_ENG_2_4_40

OPENLDAP_REL_ENG_2_4_41

OPENLDAP_REL_ENG_2_4_42

OPENLDAP_REL_ENG_2_4_43

OPENLDAP_REL_ENG_2_4_44

OPENLDAP_REL_ENG_2_4_45

OPENLDAP_REL_ENG_2_4_46

OPENLDAP_REL_ENG_2_4_47

OPENLDAP_REL_ENG_2_4_48

OPENLDAP_REL_ENG_2_4_49

OPENLDAP_REL_ENG_2_4_4ALPHA

OPENLDAP_REL_ENG_2_4_50

OPENLDAP_REL_ENG_2_4_51

OPENLDAP_REL_ENG_2_4_52

OPENLDAP_REL_ENG_2_4_53

OPENLDAP_REL_ENG_2_4_54

OPENLDAP_REL_ENG_2_4_55

OPENLDAP_REL_ENG_2_4_56

OPENLDAP_REL_ENG_2_4_57

OPENLDAP_REL_ENG_2_4_5BETA

OPENLDAP_REL_ENG_2_4_6

OPENLDAP_REL_ENG_2_4_7

OPENLDAP_REL_ENG_2_4_8

OPENLDAP_REL_ENG_2_4_9

OPENLDAP_REL_ENG_2_4_BP

OPENLDAP_REL_ENG_2_4_MP

OPENLDAP_REL_ENG_2_5_0ALPHA

OPENLDAP_REL_ENG_2_5_1ALPHA

OPENLDAP_REL_ENG_2_BP

OPENLDAP_REL_ENG_2_MP

OPENLDAP_SLAPD_BACK_LDAP

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-27212.json"