PatchSiren cyber security CVE debrief

CVE-2026-12528 Red Hat CVE debrief

CVE-2026-12528 is a MEDIUM severity vulnerability in the 389 Directory Server, specifically in the __aclp__normalize_acltxt() function. An authenticated user with write access to the aci attribute can send a crafted ACI value, triggering a heap-buffer-overflow write and subsequent out-of-bounds reads. This flaw can silently corrupt heap memory in the directory server process. The CVSS score for this vulnerability is 5.4. Organizations using 389 Directory Server should take immediate action to mitigate this risk.

Vendor: Red Hat
Product: Red Hat Directory Server 11
CVSS: MEDIUM 5.4
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-06-17
Original CVE updated: 2026-06-17
Advisory published: 2026-06-17
Advisory updated: 2026-06-17

Who should care

System administrators and security teams responsible for 389 Directory Server installations should prioritize patching this vulnerability. Any authenticated account with write access to the aci attribute can trigger the flaw, so the set of accounts holding that permission defines the exposure to the server's stability and security.

Technical summary

The __aclp__normalize_acltxt() function in aclparse.c fails to validate the length of ACI keywords after whitespace stripping. This oversight allows a 1-byte out-of-bounds write and subsequent out-of-bounds reads during ACI parsing. An attacker with write access to the aci attribute can exploit this by sending a crafted ACI value, potentially corrupting heap memory in the directory server process.

Defensive priority

High

Recommended defensive actions

  • Apply the official patch from the 389 Directory Server vendor as soon as possible.
  • Restrict write access to the aci attribute to the smallest possible set of administrative accounts.
  • Monitor directory server logs for unusual activity or errors.
  • Implement additional security measures, such as SELinux or other Mandatory Access Control systems, to limit the impact of a potential exploit.
  • Consider temporarily disabling write access to the aci attribute until a patch is applied.
  • Regularly review and update access controls to prevent exploitation.
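One way to act on the log-monitoring and access-restriction items above, as an added example that is not code from the advisory, Red Hat or the 389-ds project: a small parser for the 389 Directory Server audit log that reports every modify operation touching the aci attribute, flags changes made by accounts outside an allow-list, and flags unusually long aci values. The LDIF-style audit log layout, the sample log, the trusted-modifier set and the 512-byte length threshold are all assumptions constructed for this example.

```python
"""Flag changes to the aci attribute in a 389 Directory Server audit log.
Added example, not from the advisory or the 389-ds project. Assumes the
LDIF-style audit log 389-ds writes (blank-line separated entries, time/dn/
changetype headers, modify blocks 'replace: attr' ... '-'); the sample log,
the allow-list and the length threshold are constructed for this example."""
import re
from dataclasses import dataclass, field
from typing import List, Optional, Set

@dataclass
class Mod:
    op: str                                   # add | replace | delete
    attr: str
    values: List[str] = field(default_factory=list)

@dataclass
class AuditEntry:
    time: str = ""
    dn: str = ""
    changetype: str = ""
    mods: List[Mod] = field(default_factory=list)

def parse_audit_log(text: str) -> List[AuditEntry]:
    """Parse audit-log text into entries; unrecognised header lines are ignored."""
    entries: List[AuditEntry] = []
    for block in re.split(r"\n\s*\n", text.strip()):
        entry = AuditEntry()
        current: Optional[Mod] = None
        for line in block.splitlines():
            if line.strip() == "-":               # closes one modification block
                current = None
                continue
            attr, _, value = line.partition(":")
            key, value = attr.strip().lower(), value.strip()
            if current is None and key in ("add", "replace", "delete"):
                current = Mod(op=key, attr=value)
                entry.mods.append(current)
            elif current is not None and key == current.attr.lower():
                current.values.append(value)
            elif current is None and key in ("time", "dn", "changetype"):
                setattr(entry, key, value)
        entries.append(entry)
    return entries

def find_aci_changes(entries: List[AuditEntry], trusted_modifiers: Set[str],
                     max_value_len: int = 512) -> List[dict]:
    """One finding per entry that touches aci; max_value_len is a constructed cut-off."""
    trusted = {t.lower() for t in trusted_modifiers}
    findings = []
    for e in entries:
        aci_mods = [m for m in e.mods if m.attr.lower() == "aci"]
        if not aci_mods:
            continue
        # Bind DN the server recorded in the modifiersname mod, if present
        modifier = next((m.values[0] for m in e.mods
                         if m.attr.lower() == "modifiersname" and m.values), "<unknown>")
        reasons = [f"{m.op} on aci" for m in aci_mods]
        if modifier.lower() not in trusted:            # ordinary account rewrote an ACI
            reasons.append("modifier not in trusted set")
        longest = max((len(v) for m in aci_mods for v in m.values), default=0)
        if longest > max_value_len:                    # unusually large ACI value
            reasons.append(f"aci value length {longest} exceeds {max_value_len}")
        findings.append({"time": e.time, "dn": e.dn, "modifier": modifier,
                         "reasons": reasons})
    return findings

# Constructed sample: a benign password change, an aci rewrite by an ordinary
# user, and an oversized aci value added by the directory administrator.
_LONG_ACI = '(targetattr="*")(version 3.0; acl "' + "A" * 600 + '"; allow (all) userdn="ldap:///anyone";)'
SAMPLE_AUDIT_LOG = """\
time: 20260617151644
dn: uid=alice,ou=People,dc=example,dc=com
changetype: modify
replace: userPassword
userPassword: {SSHA}REDACTED
-

time: 20260617151702
dn: ou=People,dc=example,dc=com
changetype: modify
replace: aci
aci: (targetattr="*")(version 3.0; acl "self"; allow (write) userdn="ldap:///self";)
-
replace: modifiersname
modifiersname: uid=bob,ou=People,dc=example,dc=com
-

time: 20260617151730
dn: ou=Groups,dc=example,dc=com
changetype: modify
add: aci
aci: %s
-
replace: modifiersname
modifiersname: cn=Directory Manager
-
""" % _LONG_ACI
TRUSTED_MODIFIERS = {"cn=Directory Manager"}     # constructed allow-list
if __name__ == "__main__":
    for f in find_aci_changes(parse_audit_log(SAMPLE_AUDIT_LOG), TRUSTED_MODIFIERS):
        print(f["time"], f["dn"], f["modifier"], "; ".join(f["reasons"]))
```

Run against a real audit log (for example by reading the file into `parse_audit_log`), the trusted set should be the accounts that legitimately manage ACIs; any aci change by another bind DN is exactly the condition the advisory describes as the exposure, and the length heuristic is only a coarse signal, not a detection of the specific crafted value.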

Evidence notes

The information provided is based on data from the National Vulnerability Database (NVD) and Red Hat security advisories. The vulnerability was published on June 17, 2026, and has a CVSS score of 5.4. Red Hat has acknowledged the vulnerability and provided references to affected systems and patches.

Official resources

CVE-2026-12528 was published on 2026-06-17T15:16:44.357Z and modified on 2026-06-17T19:17:15.127Z.