CVE-2024-3657: 
Rocky Linux vulnerability analysis and mitigation

CVE-2024-3657 is a security vulnerability discovered in 389-ds-base, where a specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service. The vulnerability was reported on May 28, 2024, and affects the 389 Directory Server, which is an LDAP version 3 (LDAPv3) compliant server (NVD).

The vulnerability has been rated as Important severity with a CVSS v3.1 Base Score of 7.5 HIGH (Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). The flaw is related to improper input validation (CWE-20) and specifically involves the handling of specially-crafted Kerberos AS-REQ requests that can trigger a failure in the directory server (Red Hat).

When exploited, this vulnerability can cause a denial of service condition in the 389 Directory Server. The impact is significant as it can lead to the directory server stopping, affecting the availability of LDAP services (Red Hat).

Red Hat has released security updates to address this vulnerability across multiple product versions. Users are advised to update their 389-ds-base packages to the patched versions available through various security advisories including RHSA-2024:3591, RHSA-2024:3837, RHSA-2024:4092, and others (Red Hat).