CVE-2020-25710: 
NixOS vulnerability analysis and mitigation

CVE-2020-25710 is a vulnerability discovered in OpenLDAP versions before 2.4.56. The vulnerability allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23() function (NVD, CVE).

The vulnerability is classified with a CVSS v3.1 Base Score of 7.5 (HIGH) with the vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. The flaw exists in the CSN normalization process within OpenLDAP's server component, specifically in the csnNormalize23() function (NetApp Advisory).

The highest threat from this vulnerability is to system availability. A successful exploitation could lead to a Denial of Service (DoS) condition through the crash of the slapd daemon when processing specially crafted packets (Debian Advisory).

The vulnerability has been fixed in OpenLDAP version 2.4.56. Users are recommended to upgrade their OpenLDAP installations to this version or later. Various Linux distributions have also released security updates to address this vulnerability, including Debian (version 2.4.47+dfsg-3+deb10u4) and Red Hat Enterprise Linux (Debian Security, Red Hat Bugzilla).