Alerts This Week
Warning Icon 1 562
Alerts This Week
Warning Icon 1 562

Mageia 6: MGASA-2019-0141 Moderate: Dovecot Buffer Overflow

mageia
Calendar Grey April 10, 2019
Dist Mageia Esm H88
Mageia 2019-0141 resolves a critical buffer overflow vulnerability within Dovecot, necessitating prompt updates to safeguard against potential exploits.
CVE-2019-7524: Missing input buffer size validation leads into arbitrary buffer overflow when reading fts or pop3 uidl header from Dovecot index

Summary

CVE-2019-7524: Missing input buffer size validation leads into arbitrary buffer overflow when reading fts or pop3 uidl header from Dovecot index. Exploiting this requires direct write access to the index files.

References

- https://bugs.mageia.org/show_bug.cgi?id=24588

- https://nvd.nist.gov/vuln/detail/CVE-2019-7524

- https://dovecot.org/list/dovecot-news/2019-March/000402.html

- https://www.cve.org/CVERecord?id=CVE-2019-7524

Topics%20covered

Topics Covered

security advisory moderate buffer overflow dovecot mageia

Resolution

SRPMS

- 6/core/dovecot-2.2.36.3-1.mga6

Publication date: 10 Apr 2019
URL: https://advisories.mageia.org/MGASA-2019-0141.html
Type: security
CVE: CVE-2019-7524

Topics%20covered

Topics Covered

security advisory moderate buffer overflow dovecot mageia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here