Wind River Support Network

HomeDefectsLIN9-6282
Fixed

LIN9-6282 : Security Advisory - dovecot - CVE-2017-15132

Created: Jan 30, 2018    Updated: Dec 3, 2018
Resolved Date: Feb 6, 2018
Found In Version: 9.0.0.13
Fix Version: 9.0.0.15
Severity: Standard
Applicable for: Wind River Linux 9
Component/s: Userspace

Description

A flaw was found in dovecot 2.0 up to 2.2.33 and 2.3.0. An abort of SASL authentication results in a memory leak in dovecot's auth client used by login processes. The leak has impact in high performance configuration where same login processes are reused and can cause the process to crash due to memory exhaustion.

https://nvd.nist.gov/vuln/detail/CVE-2017-15132

Other Downloads


CVEs


Live chat
Online