Bug 645706 (CVE-2017-15135) - <net-nds/389-ds-base-{,}: Authentication bypass due to lack of size check in slapi_ct_memcmp function in ch_malloc.c
Alias: CVE-2017-15135
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
: Normal trivial
Assignee: Gentoo Security
Whiteboard: ~1 [noglsa cve]
Reported: 2018-01-25 15:48 UTC by GLSAMaker/CVETool Bot
Modified: 2018-02-06 01:41 UTC
Description GLSAMaker/CVETool Bot gentoo-dev 2018-01-25 15:48:41 UTC
CVE-2017-15135 (
  It was found that 389-ds-base since up to and including did
  not always handle internal hash comparison operations correctly during the
  authentication process. A remote, unauthenticated attacker could potentially
  use this flaw to bypass the authentication process under very rare and
  specific circumstances.
Comment 2 Larry the Git Cow gentoo-dev 2018-02-05 21:50:08 UTC
The bug has been referenced in the following commit(s):

commit e71df7341cdaa0a4cc2aeff56496ce1724b921d2
Author:     Wes Cilldhaire <>
AuthorDate: 2018-02-05 01:07:25 +0000
Commit:     Patrice Clement <>
CommitDate: 2018-02-05 21:50:03 +0000

    net-nds/389-ds-base: patch against CVE-2017-15135 in
    * Patch and revbump to to address CVE-2017-15135
    * Update copyright line in all versions for 2018
    Package-Manager: Portage-2.3.20, Repoman-2.3.6

 net-nds/389-ds-base/389-ds-base-    |   2 +-
 ....3.6.8.ebuild => 389-ds-base-} |   4 +-
 net-nds/389-ds-base/389-ds-base-9999.ebuild        |   2 +-
 ...-base-1.3.6-backport-invalid-password-mig.patch | 376 +++++++++++++++++++++
 4 files changed, 381 insertions(+), 3 deletions(-)
Comment 3 Larry the Git Cow gentoo-dev 2018-02-05 21:52:42 UTC
The bug has been referenced in the following commit(s):

commit 5c73dc8bddc74876c7d3a177bf30e5d21ba3e808
Author:     Patrice Clement <>
AuthorDate: 2018-02-05 21:52:22 +0000
Commit:     Patrice Clement <>
CommitDate: 2018-02-05 21:52:22 +0000

    net-nds/389-ds-base: remove vulnerable version.
    Package-Manager: Portage-2.3.19, Repoman-2.3.6

 net-nds/389-ds-base/389-ds-base- | 124 ------------------------
 net-nds/389-ds-base/Manifest                    |   1 -
 2 files changed, 125 deletions(-)