Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Lightspeed
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Lightspeed
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2026:26464 - Security Advisory
Issued:
2026-06-17
Updated:
2026-06-17

RHSA-2026:26464 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: 389-ds-base security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for 389-ds-base is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.

Security Fix(es):

  • 389-ds-base: 389-ds-base: unbounded LDAP controls count in get_ldapmessage_controls_ext() causes CPU and heap amplification (remote DoS) (CVE-2026-9064)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server - AUS 9.4 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x
  • Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.4 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.4 aarch64
  • Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.4 ppc64le
  • Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.4 s390x

Fixes

  • BZ - 2480093 - CVE-2026-9064 389-ds-base: 389-ds-base: unbounded LDAP controls count in get_ldapmessage_controls_ext() causes CPU and heap amplification (remote DoS)

CVEs

  • CVE-2026-9064

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 9.4

SRPM
389-ds-base-2.4.5-25.el9_4.src.rpm SHA-256: 2362148113564b1635071e81890738e7bee99823b1a56da36f417017124c821e
x86_64
389-ds-base-2.4.5-25.el9_4.x86_64.rpm SHA-256: 4b105a794d94902a6b96dbcb97fac094cbbf9c556f72c107bcd571eb2a203986
389-ds-base-debuginfo-2.4.5-25.el9_4.x86_64.rpm SHA-256: c1a8398ee3f4914e9d509262fae0d88c0d838535be8967f2e3572d72ffd8d0b1
389-ds-base-debugsource-2.4.5-25.el9_4.x86_64.rpm SHA-256: b6282089245abfd758ff4756972bc7d1f81b90c6fcccd7041e2631e89a99d6df
389-ds-base-libs-2.4.5-25.el9_4.x86_64.rpm SHA-256: 9aaf2598943b3623fd04c03e3038ec46d6e5d374762cb36a4e946ee0ac57ab40
389-ds-base-libs-debuginfo-2.4.5-25.el9_4.x86_64.rpm SHA-256: 0cf670ea4c1c33851fbc6e1a3f445a7ced5a11bc80137cea4c01a2c2afa85eaa
389-ds-base-snmp-debuginfo-2.4.5-25.el9_4.x86_64.rpm SHA-256: 41ec3f0e7e92aea1afcbd54d24ff49ef9df9b7f5aa37f4758969aaaa210b519f
python3-lib389-2.4.5-25.el9_4.noarch.rpm SHA-256: 174ac23ba53fbc96ae3669765ed4e7f9d7bfeae3164a2db6d2ee73dea0689110

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4

SRPM
389-ds-base-2.4.5-25.el9_4.src.rpm SHA-256: 2362148113564b1635071e81890738e7bee99823b1a56da36f417017124c821e
ppc64le
389-ds-base-2.4.5-25.el9_4.ppc64le.rpm SHA-256: 4a880f868064185551333b7e0c370aa71e685e60cb743a7eb6d8edc3eeb2a138
389-ds-base-debuginfo-2.4.5-25.el9_4.ppc64le.rpm SHA-256: cc0ce0847d729fa2c466bc2379159027d165f7c0e3a9cbbc6ddd0eff37cfcad1
389-ds-base-debugsource-2.4.5-25.el9_4.ppc64le.rpm SHA-256: b1f15d53212b0d0972a0ace190b85db2b9ca987bc7d42340405cc89f2293082b
389-ds-base-libs-2.4.5-25.el9_4.ppc64le.rpm SHA-256: 6fc236e880628c2a6f10c45947f487431f908832528733d139d13846a9d99469
389-ds-base-libs-debuginfo-2.4.5-25.el9_4.ppc64le.rpm SHA-256: 6de48add21ec98c5599d5e4d069db81eda4c02fc6987227047b97e9e04806444
389-ds-base-snmp-debuginfo-2.4.5-25.el9_4.ppc64le.rpm SHA-256: 6632f12b2b8aa8de7361efa36fb2cb49b793ef2b0438f25e8e0cf6a1b0799855
python3-lib389-2.4.5-25.el9_4.noarch.rpm SHA-256: 174ac23ba53fbc96ae3669765ed4e7f9d7bfeae3164a2db6d2ee73dea0689110

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4

SRPM
389-ds-base-2.4.5-25.el9_4.src.rpm SHA-256: 2362148113564b1635071e81890738e7bee99823b1a56da36f417017124c821e
x86_64
389-ds-base-2.4.5-25.el9_4.x86_64.rpm SHA-256: 4b105a794d94902a6b96dbcb97fac094cbbf9c556f72c107bcd571eb2a203986
389-ds-base-debuginfo-2.4.5-25.el9_4.x86_64.rpm SHA-256: c1a8398ee3f4914e9d509262fae0d88c0d838535be8967f2e3572d72ffd8d0b1
389-ds-base-debugsource-2.4.5-25.el9_4.x86_64.rpm SHA-256: b6282089245abfd758ff4756972bc7d1f81b90c6fcccd7041e2631e89a99d6df
389-ds-base-libs-2.4.5-25.el9_4.x86_64.rpm SHA-256: 9aaf2598943b3623fd04c03e3038ec46d6e5d374762cb36a4e946ee0ac57ab40
389-ds-base-libs-debuginfo-2.4.5-25.el9_4.x86_64.rpm SHA-256: 0cf670ea4c1c33851fbc6e1a3f445a7ced5a11bc80137cea4c01a2c2afa85eaa
389-ds-base-snmp-debuginfo-2.4.5-25.el9_4.x86_64.rpm SHA-256: 41ec3f0e7e92aea1afcbd54d24ff49ef9df9b7f5aa37f4758969aaaa210b519f
python3-lib389-2.4.5-25.el9_4.noarch.rpm SHA-256: 174ac23ba53fbc96ae3669765ed4e7f9d7bfeae3164a2db6d2ee73dea0689110

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4

SRPM
389-ds-base-2.4.5-25.el9_4.src.rpm SHA-256: 2362148113564b1635071e81890738e7bee99823b1a56da36f417017124c821e
aarch64
389-ds-base-2.4.5-25.el9_4.aarch64.rpm SHA-256: 399fb24d2b50c66e19cba5ad823c3c52949726866276c262682209d237daf411
389-ds-base-debuginfo-2.4.5-25.el9_4.aarch64.rpm SHA-256: bd35c61d9965b09c862a856d57a538455e5be9f65ad29ada756b574433d10b58
389-ds-base-debugsource-2.4.5-25.el9_4.aarch64.rpm SHA-256: 7dd1cbbca8fd7802f48846c5cc1262565bb7fa3f31c29c777036b209944041ed
389-ds-base-libs-2.4.5-25.el9_4.aarch64.rpm SHA-256: 38495c1dd1d76530aebdb6ac4d5fd38d6edb4e5bd95a8504378867bc0e442e45
389-ds-base-libs-debuginfo-2.4.5-25.el9_4.aarch64.rpm SHA-256: a686966e4962681d3715eaef86515bca54f1f30264ac814e4208154d05c76a91
389-ds-base-snmp-debuginfo-2.4.5-25.el9_4.aarch64.rpm SHA-256: d003f5f46bfcc3618fada66a004f12d1243cfc43cc46100efb4d890b39499cac
python3-lib389-2.4.5-25.el9_4.noarch.rpm SHA-256: 174ac23ba53fbc96ae3669765ed4e7f9d7bfeae3164a2db6d2ee73dea0689110

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4

SRPM
389-ds-base-2.4.5-25.el9_4.src.rpm SHA-256: 2362148113564b1635071e81890738e7bee99823b1a56da36f417017124c821e
s390x
389-ds-base-2.4.5-25.el9_4.s390x.rpm SHA-256: ab042b47f0561cdae4171456b8c1499d315276e98b729907a0aff5741e56eead
389-ds-base-debuginfo-2.4.5-25.el9_4.s390x.rpm SHA-256: 26866cad1e554328e3664fa1e173cf117c09cb58306a3c0f23f7258a786f80f6
389-ds-base-debugsource-2.4.5-25.el9_4.s390x.rpm SHA-256: 24a937ef2eabe6f125cacbb0eefa5dd2019c19f823aa227a4b2353677061fd40
389-ds-base-libs-2.4.5-25.el9_4.s390x.rpm SHA-256: cff063cd2bf0cd37d85d13ea202bf85868152261c1f611fd98a44a6ccc57115d
389-ds-base-libs-debuginfo-2.4.5-25.el9_4.s390x.rpm SHA-256: 35e4f6f7ffd38b366b074b65e041a4c070e085b3edf6a321c884910736f9bd8f
389-ds-base-snmp-debuginfo-2.4.5-25.el9_4.s390x.rpm SHA-256: bdcee130489de66f4f3919fa6b8dba2a19ab8215142e67045bb5941209a7b6b2
python3-lib389-2.4.5-25.el9_4.noarch.rpm SHA-256: 174ac23ba53fbc96ae3669765ed4e7f9d7bfeae3164a2db6d2ee73dea0689110

Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.4

SRPM
389-ds-base-2.4.5-25.el9_4.src.rpm SHA-256: 2362148113564b1635071e81890738e7bee99823b1a56da36f417017124c821e
x86_64
389-ds-base-2.4.5-25.el9_4.x86_64.rpm SHA-256: 4b105a794d94902a6b96dbcb97fac094cbbf9c556f72c107bcd571eb2a203986
389-ds-base-debuginfo-2.4.5-25.el9_4.x86_64.rpm SHA-256: c1a8398ee3f4914e9d509262fae0d88c0d838535be8967f2e3572d72ffd8d0b1
389-ds-base-debugsource-2.4.5-25.el9_4.x86_64.rpm SHA-256: b6282089245abfd758ff4756972bc7d1f81b90c6fcccd7041e2631e89a99d6df
389-ds-base-libs-2.4.5-25.el9_4.x86_64.rpm SHA-256: 9aaf2598943b3623fd04c03e3038ec46d6e5d374762cb36a4e946ee0ac57ab40
389-ds-base-libs-debuginfo-2.4.5-25.el9_4.x86_64.rpm SHA-256: 0cf670ea4c1c33851fbc6e1a3f445a7ced5a11bc80137cea4c01a2c2afa85eaa
389-ds-base-snmp-debuginfo-2.4.5-25.el9_4.x86_64.rpm SHA-256: 41ec3f0e7e92aea1afcbd54d24ff49ef9df9b7f5aa37f4758969aaaa210b519f
python3-lib389-2.4.5-25.el9_4.noarch.rpm SHA-256: 174ac23ba53fbc96ae3669765ed4e7f9d7bfeae3164a2db6d2ee73dea0689110

Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.4

SRPM
389-ds-base-2.4.5-25.el9_4.src.rpm SHA-256: 2362148113564b1635071e81890738e7bee99823b1a56da36f417017124c821e
aarch64
389-ds-base-2.4.5-25.el9_4.aarch64.rpm SHA-256: 399fb24d2b50c66e19cba5ad823c3c52949726866276c262682209d237daf411
389-ds-base-debuginfo-2.4.5-25.el9_4.aarch64.rpm SHA-256: bd35c61d9965b09c862a856d57a538455e5be9f65ad29ada756b574433d10b58
389-ds-base-debugsource-2.4.5-25.el9_4.aarch64.rpm SHA-256: 7dd1cbbca8fd7802f48846c5cc1262565bb7fa3f31c29c777036b209944041ed
389-ds-base-libs-2.4.5-25.el9_4.aarch64.rpm SHA-256: 38495c1dd1d76530aebdb6ac4d5fd38d6edb4e5bd95a8504378867bc0e442e45
389-ds-base-libs-debuginfo-2.4.5-25.el9_4.aarch64.rpm SHA-256: a686966e4962681d3715eaef86515bca54f1f30264ac814e4208154d05c76a91
389-ds-base-snmp-debuginfo-2.4.5-25.el9_4.aarch64.rpm SHA-256: d003f5f46bfcc3618fada66a004f12d1243cfc43cc46100efb4d890b39499cac
python3-lib389-2.4.5-25.el9_4.noarch.rpm SHA-256: 174ac23ba53fbc96ae3669765ed4e7f9d7bfeae3164a2db6d2ee73dea0689110

Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.4

SRPM
389-ds-base-2.4.5-25.el9_4.src.rpm SHA-256: 2362148113564b1635071e81890738e7bee99823b1a56da36f417017124c821e
ppc64le
389-ds-base-2.4.5-25.el9_4.ppc64le.rpm SHA-256: 4a880f868064185551333b7e0c370aa71e685e60cb743a7eb6d8edc3eeb2a138
389-ds-base-debuginfo-2.4.5-25.el9_4.ppc64le.rpm SHA-256: cc0ce0847d729fa2c466bc2379159027d165f7c0e3a9cbbc6ddd0eff37cfcad1
389-ds-base-debugsource-2.4.5-25.el9_4.ppc64le.rpm SHA-256: b1f15d53212b0d0972a0ace190b85db2b9ca987bc7d42340405cc89f2293082b
389-ds-base-libs-2.4.5-25.el9_4.ppc64le.rpm SHA-256: 6fc236e880628c2a6f10c45947f487431f908832528733d139d13846a9d99469
389-ds-base-libs-debuginfo-2.4.5-25.el9_4.ppc64le.rpm SHA-256: 6de48add21ec98c5599d5e4d069db81eda4c02fc6987227047b97e9e04806444
389-ds-base-snmp-debuginfo-2.4.5-25.el9_4.ppc64le.rpm SHA-256: 6632f12b2b8aa8de7361efa36fb2cb49b793ef2b0438f25e8e0cf6a1b0799855
python3-lib389-2.4.5-25.el9_4.noarch.rpm SHA-256: 174ac23ba53fbc96ae3669765ed4e7f9d7bfeae3164a2db6d2ee73dea0689110

Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.4

SRPM
389-ds-base-2.4.5-25.el9_4.src.rpm SHA-256: 2362148113564b1635071e81890738e7bee99823b1a56da36f417017124c821e
s390x
389-ds-base-2.4.5-25.el9_4.s390x.rpm SHA-256: ab042b47f0561cdae4171456b8c1499d315276e98b729907a0aff5741e56eead
389-ds-base-debuginfo-2.4.5-25.el9_4.s390x.rpm SHA-256: 26866cad1e554328e3664fa1e173cf117c09cb58306a3c0f23f7258a786f80f6
389-ds-base-debugsource-2.4.5-25.el9_4.s390x.rpm SHA-256: 24a937ef2eabe6f125cacbb0eefa5dd2019c19f823aa227a4b2353677061fd40
389-ds-base-libs-2.4.5-25.el9_4.s390x.rpm SHA-256: cff063cd2bf0cd37d85d13ea202bf85868152261c1f611fd98a44a6ccc57115d
389-ds-base-libs-debuginfo-2.4.5-25.el9_4.s390x.rpm SHA-256: 35e4f6f7ffd38b366b074b65e041a4c070e085b3edf6a321c884910736f9bd8f
389-ds-base-snmp-debuginfo-2.4.5-25.el9_4.s390x.rpm SHA-256: bdcee130489de66f4f3919fa6b8dba2a19ab8215142e67045bb5941209a7b6b2
python3-lib389-2.4.5-25.el9_4.noarch.rpm SHA-256: 174ac23ba53fbc96ae3669765ed4e7f9d7bfeae3164a2db6d2ee73dea0689110

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2026 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility