389-ds-base is vulnerable to denial of service(DoS) attacks. This is because the lock controlling the error log is not correctly used when re-opening the log file in log__error_emergency(). An attacker could send a flood of modifications to a very large DN which may lead slapd to crash.
lists.opensuse.org/opensuse-security-announce/2019-05/msg00033.html
lists.opensuse.org/opensuse-security-announce/2019-05/msg00033.html
access.redhat.com/errata/RHSA-2018:2757
access.redhat.com/security/cve/CVE-2018-14624
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1614836
bugzilla.redhat.com/show_bug.cgi?id=1614861
bugzilla.redhat.com/show_bug.cgi?id=1615924
bugzilla.redhat.com/show_bug.cgi?id=1619450
bugzilla.redhat.com/show_bug.cgi?id=1623247
bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14624
bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14624
lists.debian.org/debian-lts-announce/2018/09/msg00037.html
lists.debian.org/debian-lts-announce/2018/09/msg00037.html
pagure.io/389-ds-base/issue/49937
pagure.io/389-ds-base/issue/49937