{
  "document": {
    "aggregate_severity": {
      "text": "Medium"
    },
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "TuxCare License Agreement",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://tuxcare.com/contact/",
      "name": "TuxCare",
      "namespace": "https://tuxcare.com/"
    },
    "references": [
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.tuxcare.com/csaf/v2/els_os/almalinux9.2esu/vex/2024/cve-2024-5953-els_os-almalinux9_2esu.json"
      }
    ],
    "title": "Security update on CVE-2024-5953",
    "tracking": {
      "current_release_date": "2026-01-19T22:21:54Z",
      "generator": {
        "date": "2026-01-19T22:21:54Z",
        "engine": {
          "name": "pyCSAF"
        }
      },
      "id": "CVE-2024-5953-ELS_OS-ALMALINUX9.2ESU",
      "initial_release_date": "2024-06-13T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-06-13T00:00:00Z",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2025-11-29T10:40:37Z",
          "number": "2",
          "summary": "Official Publication"
        },
        {
          "date": "2025-12-23T19:08:30Z",
          "number": "3",
          "summary": "Update document"
        },
        {
          "date": "2026-01-19T22:21:54Z",
          "number": "4",
          "summary": "Update document"
        }
      ],
      "status": "final",
      "version": "4"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "AlmaLinux 9.2",
                "product": {
                  "name": "AlmaLinux 9.2",
                  "product_id": "AlmaLinux-9.2",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:o:almalinux:almalinux:9.2:*:*:*:*:*:*:*"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "AlmaLinux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "389-ds-base-0:2.2.4-5.el9.x86_64",
                "product": {
                  "name": "389-ds-base-0:2.2.4-5.el9.x86_64",
                  "product_id": "389-ds-base-0:2.2.4-5.el9.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/almalinux/389-ds-base@2.2.4-5.el9?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "389-ds-base-devel-0:2.2.4-5.el9.x86_64",
                "product": {
                  "name": "389-ds-base-devel-0:2.2.4-5.el9.x86_64",
                  "product_id": "389-ds-base-devel-0:2.2.4-5.el9.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/almalinux/389-ds-base-devel@2.2.4-5.el9?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "389-ds-base-libs-0:2.2.4-5.el9.x86_64",
                "product": {
                  "name": "389-ds-base-libs-0:2.2.4-5.el9.x86_64",
                  "product_id": "389-ds-base-libs-0:2.2.4-5.el9.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/almalinux/389-ds-base-libs@2.2.4-5.el9?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "389-ds-base-snmp-0:2.2.4-5.el9.x86_64",
                "product": {
                  "name": "389-ds-base-snmp-0:2.2.4-5.el9.x86_64",
                  "product_id": "389-ds-base-snmp-0:2.2.4-5.el9.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/almalinux/389-ds-base-snmp@2.2.4-5.el9?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "python3-lib389-0:2.2.4-5.el9.noarch",
                "product": {
                  "name": "python3-lib389-0:2.2.4-5.el9.noarch",
                  "product_id": "python3-lib389-0:2.2.4-5.el9.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/almalinux/python3-lib389@2.2.4-5.el9?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "AlmaLinux OS Foundation"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "389-ds-base-0:2.2.4-5.el9.tuxcare.els2.x86_64",
                "product": {
                  "name": "389-ds-base-0:2.2.4-5.el9.tuxcare.els2.x86_64",
                  "product_id": "389-ds-base-0:2.2.4-5.el9.tuxcare.els2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/tuxcare/389-ds-base@2.2.4-5.el9.tuxcare.els2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "389-ds-base-devel-0:2.2.4-5.el9.tuxcare.els2.x86_64",
                "product": {
                  "name": "389-ds-base-devel-0:2.2.4-5.el9.tuxcare.els2.x86_64",
                  "product_id": "389-ds-base-devel-0:2.2.4-5.el9.tuxcare.els2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/tuxcare/389-ds-base-devel@2.2.4-5.el9.tuxcare.els2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "389-ds-base-libs-0:2.2.4-5.el9.tuxcare.els2.x86_64",
                "product": {
                  "name": "389-ds-base-libs-0:2.2.4-5.el9.tuxcare.els2.x86_64",
                  "product_id": "389-ds-base-libs-0:2.2.4-5.el9.tuxcare.els2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/tuxcare/389-ds-base-libs@2.2.4-5.el9.tuxcare.els2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "389-ds-base-snmp-0:2.2.4-5.el9.tuxcare.els2.x86_64",
                "product": {
                  "name": "389-ds-base-snmp-0:2.2.4-5.el9.tuxcare.els2.x86_64",
                  "product_id": "389-ds-base-snmp-0:2.2.4-5.el9.tuxcare.els2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/tuxcare/389-ds-base-snmp@2.2.4-5.el9.tuxcare.els2?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "python3-lib389-0:2.2.4-5.el9.tuxcare.els2.noarch",
                "product": {
                  "name": "python3-lib389-0:2.2.4-5.el9.tuxcare.els2.noarch",
                  "product_id": "python3-lib389-0:2.2.4-5.el9.tuxcare.els2.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/tuxcare/python3-lib389@2.2.4-5.el9.tuxcare.els2?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "TuxCare"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "389-ds-base-0:2.2.4-5.el9.tuxcare.els2.x86_64 as a component of AlmaLinux 9.2",
          "product_id": "AlmaLinux-9.2:389-ds-base-0:2.2.4-5.el9.tuxcare.els2.x86_64"
        },
        "product_reference": "389-ds-base-0:2.2.4-5.el9.tuxcare.els2.x86_64",
        "relates_to_product_reference": "AlmaLinux-9.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "389-ds-base-0:2.2.4-5.el9.x86_64 as a component of AlmaLinux 9.2",
          "product_id": "AlmaLinux-9.2:389-ds-base-0:2.2.4-5.el9.x86_64"
        },
        "product_reference": "389-ds-base-0:2.2.4-5.el9.x86_64",
        "relates_to_product_reference": "AlmaLinux-9.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "389-ds-base-devel-0:2.2.4-5.el9.tuxcare.els2.x86_64 as a component of AlmaLinux 9.2",
          "product_id": "AlmaLinux-9.2:389-ds-base-devel-0:2.2.4-5.el9.tuxcare.els2.x86_64"
        },
        "product_reference": "389-ds-base-devel-0:2.2.4-5.el9.tuxcare.els2.x86_64",
        "relates_to_product_reference": "AlmaLinux-9.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "389-ds-base-devel-0:2.2.4-5.el9.x86_64 as a component of AlmaLinux 9.2",
          "product_id": "AlmaLinux-9.2:389-ds-base-devel-0:2.2.4-5.el9.x86_64"
        },
        "product_reference": "389-ds-base-devel-0:2.2.4-5.el9.x86_64",
        "relates_to_product_reference": "AlmaLinux-9.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "389-ds-base-libs-0:2.2.4-5.el9.tuxcare.els2.x86_64 as a component of AlmaLinux 9.2",
          "product_id": "AlmaLinux-9.2:389-ds-base-libs-0:2.2.4-5.el9.tuxcare.els2.x86_64"
        },
        "product_reference": "389-ds-base-libs-0:2.2.4-5.el9.tuxcare.els2.x86_64",
        "relates_to_product_reference": "AlmaLinux-9.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "389-ds-base-libs-0:2.2.4-5.el9.x86_64 as a component of AlmaLinux 9.2",
          "product_id": "AlmaLinux-9.2:389-ds-base-libs-0:2.2.4-5.el9.x86_64"
        },
        "product_reference": "389-ds-base-libs-0:2.2.4-5.el9.x86_64",
        "relates_to_product_reference": "AlmaLinux-9.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "389-ds-base-snmp-0:2.2.4-5.el9.tuxcare.els2.x86_64 as a component of AlmaLinux 9.2",
          "product_id": "AlmaLinux-9.2:389-ds-base-snmp-0:2.2.4-5.el9.tuxcare.els2.x86_64"
        },
        "product_reference": "389-ds-base-snmp-0:2.2.4-5.el9.tuxcare.els2.x86_64",
        "relates_to_product_reference": "AlmaLinux-9.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "389-ds-base-snmp-0:2.2.4-5.el9.x86_64 as a component of AlmaLinux 9.2",
          "product_id": "AlmaLinux-9.2:389-ds-base-snmp-0:2.2.4-5.el9.x86_64"
        },
        "product_reference": "389-ds-base-snmp-0:2.2.4-5.el9.x86_64",
        "relates_to_product_reference": "AlmaLinux-9.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3-lib389-0:2.2.4-5.el9.tuxcare.els2.noarch as a component of AlmaLinux 9.2",
          "product_id": "AlmaLinux-9.2:python3-lib389-0:2.2.4-5.el9.tuxcare.els2.noarch"
        },
        "product_reference": "python3-lib389-0:2.2.4-5.el9.tuxcare.els2.noarch",
        "relates_to_product_reference": "AlmaLinux-9.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3-lib389-0:2.2.4-5.el9.noarch as a component of AlmaLinux 9.2",
          "product_id": "AlmaLinux-9.2:python3-lib389-0:2.2.4-5.el9.noarch"
        },
        "product_reference": "python3-lib389-0:2.2.4-5.el9.noarch",
        "relates_to_product_reference": "AlmaLinux-9.2"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-5953",
      "cwe": {
        "id": "CWE-1288",
        "name": "Improper Validation of Consistency within Input"
      },
      "notes": [
        {
          "category": "description",
          "text": "A denial of service vulnerability was found in the 389-ds-base LDAP server. This issue may allow an authenticated user to cause a server denial of service while attempting to log in as a user whose password contains a malformed hash.",
          "title": "Vulnerability description"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "known_affected": [
          "AlmaLinux-9.2:389-ds-base-0:2.2.4-5.el9.tuxcare.els2.x86_64",
          "AlmaLinux-9.2:389-ds-base-0:2.2.4-5.el9.x86_64",
          "AlmaLinux-9.2:389-ds-base-devel-0:2.2.4-5.el9.tuxcare.els2.x86_64",
          "AlmaLinux-9.2:389-ds-base-devel-0:2.2.4-5.el9.x86_64",
          "AlmaLinux-9.2:389-ds-base-libs-0:2.2.4-5.el9.tuxcare.els2.x86_64",
          "AlmaLinux-9.2:389-ds-base-libs-0:2.2.4-5.el9.x86_64",
          "AlmaLinux-9.2:389-ds-base-snmp-0:2.2.4-5.el9.tuxcare.els2.x86_64",
          "AlmaLinux-9.2:389-ds-base-snmp-0:2.2.4-5.el9.x86_64",
          "AlmaLinux-9.2:python3-lib389-0:2.2.4-5.el9.tuxcare.els2.noarch",
          "AlmaLinux-9.2:python3-lib389-0:2.2.4-5.el9.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://cve.tuxcare.com/els/cve/CVE-2024-5953"
        }
      ],
      "release_date": "2024-06-13T00:00:00Z",
      "remediations": [
        {
          "category": "no_fix_planned",
          "details": "- This issue is availability-only and requires an authenticated LDAP user on the same network segment (adjacent network), with no confidentiality or integrity impact. \n- It is only triggerable when the target account’s userPassword attribute contains a malformed hash—something normal server-side password changes don’t create and that typically requires non-default configurations or administrative insertion of pre-hashed/invalid values. \n- Given these preconditions and typical enterprise deployments that keep LDAP on internal networks and provision accounts via standard tooling that generates valid hashes, practical exploitability is low and the CVE can be safely deprioritized.",
          "product_ids": [
            "AlmaLinux-9.2:389-ds-base-0:2.2.4-5.el9.tuxcare.els2.x86_64",
            "AlmaLinux-9.2:389-ds-base-0:2.2.4-5.el9.x86_64",
            "AlmaLinux-9.2:389-ds-base-devel-0:2.2.4-5.el9.tuxcare.els2.x86_64",
            "AlmaLinux-9.2:389-ds-base-devel-0:2.2.4-5.el9.x86_64",
            "AlmaLinux-9.2:389-ds-base-libs-0:2.2.4-5.el9.tuxcare.els2.x86_64",
            "AlmaLinux-9.2:389-ds-base-libs-0:2.2.4-5.el9.x86_64",
            "AlmaLinux-9.2:389-ds-base-snmp-0:2.2.4-5.el9.tuxcare.els2.x86_64",
            "AlmaLinux-9.2:389-ds-base-snmp-0:2.2.4-5.el9.x86_64",
            "AlmaLinux-9.2:python3-lib389-0:2.2.4-5.el9.tuxcare.els2.noarch",
            "AlmaLinux-9.2:python3-lib389-0:2.2.4-5.el9.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AlmaLinux-9.2:389-ds-base-0:2.2.4-5.el9.tuxcare.els2.x86_64",
            "AlmaLinux-9.2:389-ds-base-0:2.2.4-5.el9.x86_64",
            "AlmaLinux-9.2:389-ds-base-devel-0:2.2.4-5.el9.tuxcare.els2.x86_64",
            "AlmaLinux-9.2:389-ds-base-devel-0:2.2.4-5.el9.x86_64",
            "AlmaLinux-9.2:389-ds-base-libs-0:2.2.4-5.el9.tuxcare.els2.x86_64",
            "AlmaLinux-9.2:389-ds-base-libs-0:2.2.4-5.el9.x86_64",
            "AlmaLinux-9.2:389-ds-base-snmp-0:2.2.4-5.el9.tuxcare.els2.x86_64",
            "AlmaLinux-9.2:389-ds-base-snmp-0:2.2.4-5.el9.x86_64",
            "AlmaLinux-9.2:python3-lib389-0:2.2.4-5.el9.tuxcare.els2.noarch",
            "AlmaLinux-9.2:python3-lib389-0:2.2.4-5.el9.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ]
    }
  ]
}