CVE-2020-36221

HIGH

OpenLDAP < 2.4.57 - Denial of Service via Certificate Exact Assertion Integer Underflow

Title source: llm
STIX 2.1

Description

An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck).

References (16)

Core 16
Core References
Issue Tracking, Vendor Advisory x_refsource_misc
https://bugs.openldap.org/show_bug.cgi?id=9404
Issue Tracking, Vendor Advisory x_refsource_misc
https://bugs.openldap.org/show_bug.cgi?id=9424
Release Notes, Vendor Advisory x_refsource_misc
https://git.openldap.org/openldap/openldap/-/tags/OPENLDAP_REL_ENG_2_4_57
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2021/02/msg00005.html
Third Party Advisory vendor-advisory x_refsource_debian
https://www.debian.org/security/2021/dsa-4845
Third Party Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20210226-0002/
Third Party Advisory x_refsource_confirm
https://support.apple.com/kb/HT212529
Third Party Advisory x_refsource_confirm
https://support.apple.com/kb/HT212531
Third Party Advisory x_refsource_confirm
https://support.apple.com/kb/HT212530
Mailing List, Third Party Advisory mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2021/May/70
Mailing List, Third Party Advisory mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2021/May/64
Mailing List, Third Party Advisory mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2021/May/65

Scores

CVSS v3 7.5
EPSS 0.8422
EPSS Percentile 99.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-191
Status published
Products (6)
apple/mac_os_x 10.14.6 (17 CPE variants)
apple/mac_os_x 10.14.0 - 10.14.6
apple/macos 11.1 - 11.4
debian/debian_linux 9.0
debian/debian_linux 10.0
openldap/openldap < 2.4.57
Published Jan 26, 2021
Tracked Since Feb 18, 2026