
Cloud Vulnerability DB
A community-led vulnerabilities database
A flaw was discovered in the 389-ds-base LDAP Server on March 18, 2025. The vulnerability occurs when issuing a Modify DN LDAP operation through the LDAP protocol, where a function return value is not tested, leading to a NULL pointer dereference. This affects the server when it is reached over TCP/IP or a Unix socket, as defined in the LDAP RFC (RedHat Bugzilla, NVD).
The vulnerability is identified as CVE-2025-2487 and involves a NULL pointer dereference in the LDAP server's Modify DN operation handling. The issue specifically manifests when the function return value is not properly tested during LDAP MODDN operations. According to the CVSS 3.1 scoring, this vulnerability has been assigned a base score of 4.9 (MEDIUM) with the vector string CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H (NVD).
If successfully exploited, this vulnerability can lead to a Denial of Service (DoS) or system crash when a privileged user performs an LDAP MODDN operation after a failed operation (NVD).
As of the initial disclosure, the vulnerability has been reported to affect multiple versions of the 389-ds-base LDAP Server. The issue has been marked as 'NEW' in the Red Hat Bugzilla tracking system, indicating that patches or official fixes are still pending (RedHat Bugzilla).
Source: This report was generated using AI