CVE-2021-27212

CWE-617 — Reachable Assertion CWE-400 — Uncontrolled Resource Consumption10 documents8 sources

Severity

7.5HIGH

EPSS

22.2%

top 4.20%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Openldap Openldap Debian Debian Linux

Timeline

PublishedFeb 14

Latest updateAug 24

Description

In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

▶Debianopenldap< 2.4.57+dfsg-2+3

▶Ubuntuopenldap< 2.4.31-1+nmu2ubuntu8.5+esm8

▶NVDopenldap/openldap2.4.57+2

Also affects: Debian Linux 10.0, 9.0

Patches

Patch: git.openldap.org ↗Patch: git.openldap.org ↗Patch: git.openldap.org ↗

🔴Vulnerability Details

OSV

openldap vulnerabilities↗2025-08-24

▶

GHSA

GHSA-274h-c788-hf3c: In OpenLDAP through 2↗2022-05-24

▶

CVEList

CVE-2021-27212: In OpenLDAP through 2↗2021-02-14

▶

OSV

CVE-2021-27212: In OpenLDAP through 2↗2021-02-14

▶

📋Vendor Advisories

Ubuntu

OpenLDAP vulnerabilities↗2025-08-24

▶

Ubuntu

OpenLDAP vulnerability↗2021-02-22

▶

Red Hat

openldap: Assertion failure in slapd in the issuerAndThisUpdateCheck function↗2021-02-14

▶

Microsoft

In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet resulting in a denial of service (daemon e↗2021-02-09

▶

Debian

CVE-2021-27212: openldap - In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in...↗2021

▶