Alerts This Week
Warning Icon 1 619
Alerts This Week
Warning Icon 1 619

Ubuntu 22.04 & 20.04 LTS: USN-7013-1 Dovecot DoS Threat Resolved

Calendar Sep 16, 2024 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory software update Ubuntu Denial of Service Dovecot resource consumption
Several security issues were fixed in Dovecot. 
==========================================================================
Ubuntu Security Notice USN-7013-1
September 16, 2024

dovecot vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in Dovecot.

Software Description:
- dovecot: IMAP and POP3 email server

Details:

It was discovered that Dovecot incorrectly handled a large number of
address headers. A remote attacker could possibly use this issue to cause
Dovecot to consume resources, leading to a denial of service.
(CVE-2024-23184)

It was discovered that Dovecot incorrectly handled very large headers. A
remote attacker could possibly use this issue to cause Dovecot to consume
resources, leading to a denial of service. (CVE-2024-23185)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS
   dovecot-core                    1:2.3.16+dfsg1-3ubuntu2.4

Ubuntu 20.04 LTS
   dovecot-core                    1:2.3.7.2-1ubuntu3.7

In general, a standard system update will make all the necessary changes.

References:
   https://ubuntu.com/security/notices/USN-7013-1
   CVE-2024-23184, CVE-2024-23185

Package Information:
   https://launchpad.net/ubuntu/+source/dovecot/1:2.3.16+dfsg1-3ubuntu2.4
   https://launchpad.net/ubuntu/+source/dovecot/1:2.3.7.2-1ubuntu3.7

Ubuntu 22.04 & 20.04 LTS: USN-7013-1 Dovecot DoS Threat Resolved

ubuntu
Calendar Grey September 16, 2024
Dist Ubuntu Esm H88
A security patch for Dovecot has been issued, addressing vulnerabilities in both Ubuntu 22.04 and 20.04 LTS, thus mitigating risks of resource exhaustion exploits.
Several security issues were fixed in Dovecot.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: Several security issues were fixed in Dovecot. Software Description: - dovecot: IMAP and POP3 email server Details: It was discovered that Dovecot incorrectly handled a large number of address headers. A remote attacker could possibly use this issue to cause Dovecot to consume resources, leading to a denial of service. (CVE-2024-23184) It was discovered that Dovecot incorrectly handled very large headers. A remote attacker could possibly use this issue to cause Dovecot to consume resources, leading to a denial of service. (CVE-2024-23185)

Topics%20covered

Topics Covered

security advisory software update Ubuntu Denial of Service Dovecot resource consumption

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS dovecot-core 1:2.3.16+dfsg1-3ubuntu2.4 Ubuntu 20.04 LTS dovecot-core 1:2.3.7.2-1ubuntu3.7 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7013-1

CVE-2024-23184, CVE-2024-23185

Severity
important
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7013-1

Topics%20covered

Topics Covered

security advisory software update Ubuntu Denial of Service Dovecot resource consumption

Package Information

https://launchpad.net/ubuntu/+source/dovecot/1:2.3.16+dfsg1-3ubuntu2.4 https://launchpad.net/ubuntu/+source/dovecot/1:2.3.7.2-1ubuntu3.7

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here