CVE-2023-2953

CVE	CVE-2023-2953
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2023-05-30 22:15:00 UTC
Updated	2023-08-02 16:46:00 UTC
Description	A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.

Problem Types: CWE-476

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Apple	Macos	All	All	All	All
Application	Netapp	Active Iq Unified Manager	-	All	All	All
Application	Netapp	Clustered Data Ontap	-	All	All	All
Hardware	Netapp	H300s	-	All	All	All
Operating System	Netapp	H300s Firmware	-	All	All	All
Hardware	Netapp	H410c	-	All	All	All
Operating System	Netapp	H410c Firmware	-	All	All	All
Hardware	Netapp	H410s	-	All	All	All
Operating System	Netapp	H410s Firmware	-	All	All	All
Hardware	Netapp	H500s	-	All	All	All
Operating System	Netapp	H500s Firmware	-	All	All	All
Hardware	Netapp	H700s	-	All	All	All
Operating System	Netapp	H700s Firmware	-	All	All	All
Application	Netapp	Ontap Tools	-	All	All	All
Application	Openldap	Openldap	2.4	All	All	All
Operating System	Redhat	Enterprise Linux	8.0	All	All	All
Operating System	Redhat	Enterprise Linux	9.0	All	All	All

Reference	Source	Link	Tags
cve-details	MISC	access.redhat.com
Full Disclosure: APPLE-SA-2023-07-24-5 macOS Monterey 12.6.8	FULLDISC	seclists.org
About the security content of macOS Ventura 13.5 - Apple Support	CONFIRM	support.apple.com
About the security content of macOS Monterey 12.6.8 - Apple Support	CONFIRM	support.apple.com
About the security content of macOS Big Sur 11.7.9 - Apple Support	CONFIRM	support.apple.com
Full Disclosure: APPLE-SA-2023-07-24-4 macOS Ventura 13.5	FULLDISC	seclists.org
Full Disclosure: APPLE-SA-2023-07-24-6 macOS Big Sur 11.7.9	FULLDISC	seclists.org
403 Forbidden	CONFIRM	security.netapp.com
9904 – A Potential NPD	MISC	bugs.openldap.org
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

199558 Ubuntu Security Notification for OpenLDAP Vulnerability (USN-6197-1)
200089 Ubuntu Security Notification for OpenLDAP Vulnerability (USN-6616-1)
296105 Oracle Solaris 11.4 Support Repository Update (SRU) 63.157.1 Missing (CPUOCT2023)
355456 Amazon Linux Security Advisory for openldap : ALAS2023-2023-219
355554 Amazon Linux Security Advisory for openldap : ALAS2-2023-2095
355833 Amazon Linux Security Advisory for openldap : ALAS-2023-1804
378687 Apple macOS Ventura 13.5 Not Installed (HT213843)
378688 Apple macOS Monterey 12.6.8 Not Installed (HT213844)
378689 Apple macOS Big Sur 11.7.9 Not Installed (HT213845)
673309 EulerOS Security Update for openldap (EulerOS-SA-2023-2622)
673320 EulerOS Security Update for openldap (EulerOS-SA-2023-2592)
673668 EulerOS Security Update for openldap (EulerOS-SA-2023-2659)
673727 EulerOS Security Update for openldap (EulerOS-SA-2023-3139)
673774 EulerOS Security Update for openldap (EulerOS-SA-2023-2701)
673959 EulerOS Security Update for openldap (EulerOS-SA-2023-2791)
674087 EulerOS Security Update for openldap (EulerOS-SA-2023-2815)
754091 SUSE Enterprise Linux Security Update for openldap2 (SUSE-SU-2023:2484-1)
754092 SUSE Enterprise Linux Security Update for openldap2 (SUSE-SU-2023:2483-1)
754096 SUSE Enterprise Linux Security Update for openldap2 (SUSE-SU-2023:2503-1)