<Vulnerability name="CVE-2026-15041">
    <DocumentDistribution xml:lang="en">Copyright © 2012 Red Hat, Inc. All rights reserved.</DocumentDistribution>
    <ThreatSeverity>Low</ThreatSeverity>
    <PublicDate>2026-07-08T09:58:21</PublicDate>
    <Bugzilla id="2498022" url="https://bugzilla.redhat.com/show_bug.cgi?id=2498022" xml:lang="en:us">
389-ds-base: 389-ds-base: Non-constant-time comparison in PBKDF2-SHA256 password verification
    </Bugzilla>
    <CVSS3 status="draft">
        <CVSS3BaseScore>3.7</CVSS3BaseScore>
        <CVSS3ScoringVector>CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N</CVSS3ScoringVector>
    </CVSS3>
    <CWE>CWE-208</CWE>
    <Details xml:lang="en:us" source="Mitre">
A flaw was found in 389 Directory Server. The PBKDF2-SHA256 password verification function uses standard memcmp() for comparing password hashes instead of a constant-time comparison function. A remote attacker could potentially use timing measurements of LDAP bind attempts to infer partial hash information, though practical exploitation is extremely difficult due to PBKDF2 computational overhead.
    </Details>
    <Details xml:lang="en:us" source="Red Hat">
A flaw was found in 389 Directory Server. The PBKDF2-SHA256 password verification function uses standard memcmp() for comparing password hashes instead of a constant-time comparison function. A remote attacker could potentially use timing measurements of LDAP bind attempts to infer partial hash information, though practical exploitation is extremely difficult due to PBKDF2 computational overhead.
    </Details>
    <Acknowledgement xml:lang="en:us">
Red Hat would like to thank Andrew Rukin (Arenadata) for reporting this issue.
    </Acknowledgement>
    <Mitigation xml:lang="en:us">
If possible, configure 389 Directory Server to use an alternative password storage scheme (e.g., SSHA512 or GOST-Yescrypt) which uses constant-time comparison.
    </Mitigation>
    <PackageState cpe="cpe:/a:redhat:directory_server:11">
        <ProductName>Red Hat Directory Server 11</ProductName>
        <FixState>Fix deferred</FixState>
        <PackageName>redhat-ds:11/389-ds-base</PackageName>
    </PackageState>
    <PackageState cpe="cpe:/a:redhat:directory_server:12">
        <ProductName>Red Hat Directory Server 12</ProductName>
        <FixState>Fix deferred</FixState>
        <PackageName>redhat-ds:12/389-ds-base</PackageName>
    </PackageState>
    <PackageState cpe="cpe:/a:redhat:directory_server:13">
        <ProductName>Red Hat Directory Server 13</ProductName>
        <FixState>Fix deferred</FixState>
        <PackageName>389-ds-base</PackageName>
    </PackageState>
    <PackageState cpe="cpe:/o:redhat:enterprise_linux:10">
        <ProductName>Red Hat Enterprise Linux 10</ProductName>
        <FixState>Fix deferred</FixState>
        <PackageName>389-ds-base</PackageName>
    </PackageState>
    <PackageState cpe="cpe:/o:redhat:enterprise_linux:6">
        <ProductName>Red Hat Enterprise Linux 6</ProductName>
        <FixState>Not affected</FixState>
        <PackageName>389-ds-base</PackageName>
    </PackageState>
    <PackageState cpe="cpe:/o:redhat:enterprise_linux:7">
        <ProductName>Red Hat Enterprise Linux 7</ProductName>
        <FixState>Fix deferred</FixState>
        <PackageName>389-ds-base</PackageName>
    </PackageState>
    <PackageState cpe="cpe:/o:redhat:enterprise_linux:8">
        <ProductName>Red Hat Enterprise Linux 8</ProductName>
        <FixState>Fix deferred</FixState>
        <PackageName>389-ds:1.4/389-ds-base</PackageName>
    </PackageState>
    <PackageState cpe="cpe:/o:redhat:enterprise_linux:9">
        <ProductName>Red Hat Enterprise Linux 9</ProductName>
        <FixState>Fix deferred</FixState>
        <PackageName>389-ds-base</PackageName>
    </PackageState>
    <References xml:lang="en:us">
https://www.cve.org/CVERecord?id=CVE-2026-15041
https://nvd.nist.gov/vuln/detail/CVE-2026-15041
    </References>
</Vulnerability>