Critical OpenDMARC DoS Bug Fixed
A critical vulnerability was found in the OpenDMARC open-source implementation of the DMARC specification. It was discovered that OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 incorrectly handled certain inputs, resulting in remote memory corruption in certain situations (CVE-2020-12460). This vulnerability has received a National Vulnerability Database base score of 9.8 out of 10 (“Critical” severity).
A remote attacker could possibly use this issue to cause a denial of service.
Essential OpenDMARC updates have been released to mitigate this severe bug. We urge all impacted users to apply the updates released by ArchLinux, Debian LTS, Fedora, Gentoo, Mageia, and Ubuntu immediately to prevent loss of access to their critical systems.
To stay on top of essential updates released by the open-source programs and applications you use, register as a LinuxSecurity user, subscribe to our Linux Advisory Watch newsletter, and customize your advisories for your distro(s). This will enable you to stay up-to-date on the latest, most significant issues impacting the security of your systems.
Follow @LS_Advisories on Twitter for real-time updates on advisories for your distro(s).