Oscar Mira-Sanchez

**Name of the Vulnerable Software and Affected Versions** OpenLDAP versions 2.2.4 through 2.4.10 OpenLDAP versions prior to 2.3.43 **Description** The issue allows remote attackers to cause a denial of service, leading to disruption of protected information availability. This can be achieved through crafted ASN.1 BER datagrams that trigger an assertion error in liblber/io.c. **Recommendations** For OpenLDAP versions 2.2.4 through 2.4.10, consider updating to a version later than 2.4.10 to resolve the issue. For OpenLDAP versions prior to 2.3.43, update to version 2.3.43 or later to fix the problem. As a temporary workaround, consider restricting access to the `liblber/io.c` module to minimize the risk of exploitation.