Mageia 2022-0247: cyrus-imapd security update | LinuxSecurity.com

What Are You Looking For?

Popular Tags

Sign Up
MGASA-2022-0247 - Updated cyrus-imapd packages fix security vulnerability

Publication date: 05 Jul 2022
URL: https://advisories.mageia.org/MGASA-2022-0247.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2021-33582

Cyrus IMAP before 3.4.2 allows remote attackers to cause a denial of
service (multiple-minute daemon hang) via input that is mishandled during
hash-table interaction. Because there are many insertions into a single
bucket, strcmp becomes slow. (CVE-2021-33582)

References:
- https://bugs.mageia.org/show_bug.cgi?id=30079
- https://lists.fedoraproject.org/archives/list/[email protected]/thread/WJZB45QBUN7CZFGOWCZYUYACNBTX7LVS/
- https://www.debian.org/lts/security/2022/dla-3052
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33582

SRPMS:
- 8/core/cyrus-imapd-2.5.15-3.1.mga8

Mageia 2022-0247: cyrus-imapd security update

Cyrus IMAP before 3.4.2 allows remote attackers to cause a denial of service (multiple-minute daemon hang) via input that is mishandled during hash-table interaction

Summary

Cyrus IMAP before 3.4.2 allows remote attackers to cause a denial of service (multiple-minute daemon hang) via input that is mishandled during hash-table interaction. Because there are many insertions into a single bucket, strcmp becomes slow. (CVE-2021-33582)

References

- https://bugs.mageia.org/show_bug.cgi?id=30079

- https://lists.fedoraproject.org/archives/list/[email protected]/thread/WJZB45QBUN7CZFGOWCZYUYACNBTX7LVS/

- https://www.debian.org/lts/security/2022/dla-3052

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33582

Resolution

MGASA-2022-0247 - Updated cyrus-imapd packages fix security vulnerability

SRPMS

- 8/core/cyrus-imapd-2.5.15-3.1.mga8

Severity
Publication date: 05 Jul 2022
URL: https://advisories.mageia.org/MGASA-2022-0247.html
Type: security
CVE: CVE-2021-33582

Related News

Multiple Easily Exploitable OpenSSL DoS Bugs Fixed

New GobRAT Remote Access Trojan Targeting Linux Routers in Japan

Open Saucers Have Job Security

New 'MichaelKors' Ransomware-as-a-Service Targeting Linux and VMware ESXi Systems

News

Advisories

HOWTOs

Features

Linux Container Security Primer
Email Phishing Using Kali Linux
Is Linux A More Secure Option Than Windows For Businesses?
How Secure Is Linux?
How To Secure Against WordPress Vulnerabilities with Predictive Analysis Detection & Automated Remediation

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy