CVE-2023-2953

A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.
Configurations

Configuration 1 (hide)

cpe:2.3:a:openldap:openldap:2.4:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap_tools:-:*:*:*:*:vmware_vsphere:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*

History

02 Aug 2023, 16:46

Type Values Removed Values Added
CPE cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap_tools:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*
First Time Netapp h300s Firmware
Netapp h410c Firmware
Netapp clustered Data Ontap
Netapp h300s
Netapp h500s
Netapp h410s
Apple macos
Apple
Netapp ontap Tools
Netapp
Netapp h700s
Netapp h410s Firmware
Netapp h410c
Netapp h700s Firmware
Netapp active Iq Unified Manager
Netapp h500s Firmware
References (CONFIRM) https://support.apple.com/kb/HT213844 - (CONFIRM) https://support.apple.com/kb/HT213844 - Third Party Advisory
References (CONFIRM) https://support.apple.com/kb/HT213845 - (CONFIRM) https://support.apple.com/kb/HT213845 - Third Party Advisory
References (CONFIRM) https://support.apple.com/kb/HT213843 - (CONFIRM) https://support.apple.com/kb/HT213843 - Third Party Advisory
References (FULLDISC) http://seclists.org/fulldisclosure/2023/Jul/48 - (FULLDISC) http://seclists.org/fulldisclosure/2023/Jul/48 - Mailing List
References (FULLDISC) http://seclists.org/fulldisclosure/2023/Jul/52 - (FULLDISC) http://seclists.org/fulldisclosure/2023/Jul/52 - Mailing List
References (FULLDISC) http://seclists.org/fulldisclosure/2023/Jul/47 - (FULLDISC) http://seclists.org/fulldisclosure/2023/Jul/47 - Mailing List
References (CONFIRM) https://security.netapp.com/advisory/ntap-20230703-0005/ - (CONFIRM) https://security.netapp.com/advisory/ntap-20230703-0005/ - Third Party Advisory

25 Jul 2023, 16:15

Type Values Removed Values Added
References
  • (FULLDISC) http://seclists.org/fulldisclosure/2023/Jul/52 -
  • (FULLDISC) http://seclists.org/fulldisclosure/2023/Jul/47 -
  • (FULLDISC) http://seclists.org/fulldisclosure/2023/Jul/48 -

24 Jul 2023, 19:15

Type Values Removed Values Added
References
  • (CONFIRM) https://support.apple.com/kb/HT213844 -
  • (CONFIRM) https://support.apple.com/kb/HT213845 -
  • (CONFIRM) https://support.apple.com/kb/HT213843 -

03 Jul 2023, 16:15

Type Values Removed Values Added
References
  • (CONFIRM) https://security.netapp.com/advisory/ntap-20230703-0005/ -

06 Jun 2023, 17:17

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
CPE cpe:2.3:a:openldap:openldap:2.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
References (MISC) https://bugs.openldap.org/show_bug.cgi?id=9904 - (MISC) https://bugs.openldap.org/show_bug.cgi?id=9904 - Issue Tracking, Vendor Advisory
References (MISC) https://access.redhat.com/security/cve/CVE-2023-2953 - (MISC) https://access.redhat.com/security/cve/CVE-2023-2953 - Third Party Advisory
First Time Openldap openldap
Redhat enterprise Linux
Redhat
Openldap
CWE CWE-476

30 May 2023, 22:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-05-30 22:15

Updated : 2024-02-28 20:13


NVD link : CVE-2023-2953

Mitre link : CVE-2023-2953

CVE.ORG link : CVE-2023-2953


JSON object : View

Products Affected

netapp

  • h410c_firmware
  • h300s_firmware
  • clustered_data_ontap
  • h500s_firmware
  • h410s_firmware
  • h500s
  • h700s_firmware
  • h410s
  • h410c
  • h300s
  • h700s
  • active_iq_unified_manager
  • ontap_tools

apple

  • macos

openldap

  • openldap

redhat

  • enterprise_linux
CWE
CWE-476

NULL Pointer Dereference