Direct links to fixes
6.1.0.74-ISS-ITDS-WinX64-IF0074
6.1.0.74-ISS-ITDS-Win32-IF0074
6.1.0.74-ISS-ITDS-SolarisX64-IF0074
6.1.0.74-ISS-ITDS-SolarisSparc-IF0074
6.1.0.74-ISS-ITDS-Linuxz-IF0074
6.1.0.74-ISS-ITDS-LinuxX64-IF0074
6.1.0.74-ISS-ITDS-Linuxip-IF0074
6.1.0.74-ISS-ITDS-Linux32-IF0074
6.1.0.74-ISS-ITDS-HPUXPARISC-IF0074
6.1.0.74-ISS-ITDS-HPUXIA64-IF0074
6.1.0.74-ISS-ITDS-AIX-IF0074
6.1.0.73-ISS-ITDS-WinX64-IF0073
6.1.0.73-ISS-ITDS-Win32-IF0073
6.1.0.73-ISS-ITDS-SolarisX64-IF0073
6.1.0.73-ISS-ITDS-SolarisSparc-IF0073
6.1.0.73-ISS-ITDS-Linuxz-IF0073
6.1.0.73-ISS-ITDS-Linuxip-IF0073
6.1.0.73-ISS-ITDS-LinuxX64-IF0073
6.1.0.73-ISS-ITDS-Linux32-IF0073
6.1.0.73-ISS-ITDS-HPUXPARISC-IF0073
6.1.0.73-ISS-ITDS-HPUXIA64-IF0073
6.1.0.73-ISS-ITDS-AIX-IF0073
6.1.0.71-ISS-ITDS-WinX64-IF0071
6.1.0.71-ISS-ITDS-Win32-IF0071
6.1.0.71-ISS-ITDS-SolarisX64-IF0071
6.1.0.71-ISS-ITDS-SolarisSparc-IF0071
6.1.0.71-ISS-ITDS-Linuxz-IF0071
6.1.0.71-ISS-ITDS-LinuxX64-IF0071
6.1.0.71-ISS-ITDS-Linuxip-IF0071
6.1.0.71-ISS-ITDS-Linux32-IF0071
6.1.0.71-ISS-ITDS-HPUXPARISC-IF0071
6.1.0.71-ISS-ITDS-HPUXIA64-IF0071
6.1.0.71-ISS-ITDS-AIX-IF0071
6.1.0.70-ISS-ITDS-WinX64-IF0070
6.1.0.70-ISS-ITDS-Win32-IF0070
6.1.0.70-ISS-ITDS-SolarisX64-IF0070
6.1.0.70-ISS-ITDS-SolarisSparc-IF0070
6.1.0.70-ISS-ITDS-Linuxz-IF0070
6.1.0.70-ISS-ITDS-LinuxX64-IF0070
6.1.0.70-ISS-ITDS-Linuxip-IF0070
6.1.0.70-ISS-ITDS-Linux32-IF0070
6.1.0.70-ISS-ITDS-HPUXPARISC-IF0070
6.1.0.70-ISS-ITDS-HPUXIA64-IF0070
6.1.0.70-ISS-ITDS-AIX-IF0070
6.1.0.69-ISS-ITDS-WinX64-IF0069
6.1.0.69-ISS-ITDS-Win32-IF0069
6.1.0.69-ISS-ITDS-SolarisX64-IF0069
6.1.0.69-ISS-ITDS-SolarisSparc-IF0069
6.1.0.69-ISS-ITDS-Linuxz-IF0069
6.1.0.69-ISS-ITDS-LinuxX64-IF0069
6.1.0.69-ISS-ITDS-Linuxip-IF0069
6.1.0.69-ISS-ITDS-Linux32-IF0069
6.1.0.69-ISS-ITDS-HPUXPARISC-IF0069
6.1.0.69-ISS-ITDS-HPUXIA64-IF0069
6.1.0.69-ISS-ITDS-AIX-IF0069
6.1.0.68-ISS-ITDS-WinX64-IF0068
6.1.0.68-ISS-ITDS-Win32-IF0068
6.1.0.68-ISS-ITDS-SolarisX64-IF0068
6.1.0.68-ISS-ITDS-SolarisSparc-IF0068
6.1.0.68-ISS-ITDS-Linuxz-IF0068
6.1.0.68-ISS-ITDS-LinuxX64-IF0068
6.1.0.68-ISS-ITDS-Linuxip-IF0068
6.1.0.68-ISS-ITDS-Linux32-IF0068
6.1.0.68-ISS-ITDS-HPUXPARISC-IF0068
6.1.0.68-ISS-ITDS-HPUXIA64-IF0068
6.1.0.68-ISS-ITDS-AIX-IF0068
6.1.0.67-ISS-ITDS-WinX64-IF0067
6.1.0.67-ISS-ITDS-Win32-IF0067
6.1.0.67-ISS-ITDS-SolarisX64-IF0067
6.1.0.67-ISS-ITDS-SolarisSparc-IF0067
6.1.0.67-ISS-ITDS-Linuxz-IF0067
6.1.0.67-ISS-ITDS-LinuxX64-IF0067
6.1.0.67-ISS-ITDS-Linuxip-IF0067
6.1.0.67-ISS-ITDS-Linux32-IF0067
6.1.0.67-ISS-ITDS-HPUXPARISC-IF0067
6.1.0.67-ISS-ITDS-HPUXIA64-IF0067
6.1.0.67-ISS-ITDS-AIX-IF0067
6.1.0.66-ISS-ITDS-WinX64-IF0066
6.1.0.66-ISS-ITDS-Win32-IF0066
6.1.0.66-ISS-ITDS-SolarisX64-IF0066
6.1.0.66-ISS-ITDS-SolarisSparc-IF0066
6.1.0.66-ISS-ITDS-Linuxz-IF0066
6.1.0.66-ISS-ITDS-LinuxX64-IF0066
6.1.0.66-ISS-ITDS-Linuxip-IF0066
6.1.0.66-ISS-ITDS-Linux32-IF0066
6.1.0.66-ISS-ITDS-HPUXPARISC-IF0066
6.1.0.66-ISS-ITDS-HPUXIA64-IF0066
6.1.0.66-ISS-ITDS-AIX-IF0066
6.1.0.65-ISS-ITDS-WinX64-IF0065
6.1.0.65-ISS-ITDS-Win32-IF0065
6.1.0.65-ISS-ITDS-SolarisX64-IF0065
6.1.0.65-ISS-ITDS-SolarisSparc-IF0065
6.1.0.65-ISS-ITDS-Linuxz-IF0065
6.1.0.65-ISS-ITDS-LinuxX64-IF0065
6.1.0.65-ISS-ITDS-Linuxip-IF0065
6.1.0.65-ISS-ITDS-Linux32-IF0065
6.1.0.65-ISS-ITDS-HPUXPARISC-IF0065
6.1.0.65-ISS-ITDS-HPUXIA64-IF0065
6.1.0.65-ISS-ITDS-AIX-IF0065
Tivoli Directory Server, Version 6.1.0.48-ISS-ITDS-IF0048
Tivoli Directory Server, Version 6.1.0.49-ISS-ITDS-IF0049
APAR status
Closed as program error.
Error description
Using TDS server version 6.1.0.0 - 6.1.0.15, ldapadd the following entry using administrator bind: dn: globalGroupName=GlobalAdminGroup,cn=ibmpolicies globalGroupName: GlobalAdminGroup objectclass: top objectclass: ibm-globalAdminGroup A double free crashes server w/ SIGSEGV on most platforms.
Local fix
There is no real risk of a vulnerability because: a) Only an administrator is allowed to modify this entry. A non-admin bind cannot crash the server this way. b) An administrator would never need to do add this entry because it is always created by the server automatically at startup. Indeed, the error is partly caused because we're adding an entry which already exists. So the work around is simply "don't do this", no one would ever need to anyway.
Problem summary
2 different pointer references to the same allocated memory were being freed. The fix is to NULL both pointer references whenever either one is freed so that we know not to free them both.
Problem conclusion
The fix for this APAR will be contained in the following maintenance packages: | fix pack | 6.1.0-TIV-ITDS-FP0002 |
Temporary fix
Comments
APAR Information
APAR number
IO09113
Reported component name
IBM TIV DIR SER
Reported component ID
5724J3960
Reported release
610
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2008-06-24
Closed date
2008-06-24
Last modified date
2008-06-24
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
IBM TIV DIR SER
Fixed component ID
5724J3960
Applicable component levels
R610 PSY
UP
R600 PSN
UP
Document Information
Modified date:
09 February 2022