dovecot: Fix of CVE-2017-15132

🗓️ 02 May 2026 01:00:50Reported by CloudLinuxType

cloudlinux

cloudlinux🔗 repo.cloudlinux.com👁 6 Views

Dovecot fixes memory leak and hash table use-after-free in auth client request abort in lib-auth.

Reporter	Title	Published	Views	Family All 78
FreeBSD	dovecot -- abort of SASL authentication results in a memory leak	9 Jan 201800:00	–	freebsd
AlpineLinux	CVE-2017-15132	25 Jan 201820:00	–	alpinelinux
ArchLinux	[ASA-201803-7] dovecot: multiple issues	6 Mar 201800:00	–	archlinux
BDU FSTEC	The vulnerability of the Dovecot mail server, related to errors in SASL authentication settings, allows attackers to cause service interruptions.	27 Feb 202000:00	–	bdu_fstec
CNVD	Dovecot Memory Leak Vulnerability	26 Jan 201800:00	–	cnvd
CVE	CVE-2017-15132	25 Jan 201820:00	–	cve
Cvelist	CVE-2017-15132	25 Jan 201820:00	–	cvelist
Debian	[SECURITY] [DLA 1333-1] dovecot security update	31 Mar 201818:13	–	debian
Debian	[SECURITY] [DSA 4130-1] dovecot security update	2 Mar 201822:28	–	debian
Debian	[SECURITY] [DSA 4130-1] dovecot security update	2 Mar 201822:28	–	debian

OS	OS Version	Architecture	Package	Package Version	Filename
Centos	6	i686	dovecot	2.0.9	dovecot-2.0.9-23.el6.tuxcare.els3.src.rpm
Centos	6	x86_64	dovecot	2.0.9	dovecot-2.0.9-23.el6.tuxcare.els3.src.rpm
Centos	6	i686	dovecot-devel	2.0.9	dovecot-2.0.9-23.el6.tuxcare.els3.src.rpm
Centos	6	x86_64	dovecot-devel	2.0.9	dovecot-2.0.9-23.el6.tuxcare.els3.src.rpm
Centos	6	x86_64	dovecot-mysql	2.0.9	dovecot-2.0.9-23.el6.tuxcare.els3.src.rpm
Centos	6	x86_64	dovecot-pgsql	2.0.9	dovecot-2.0.9-23.el6.tuxcare.els3.src.rpm
Centos	6	x86_64	dovecot-pigeonhole	2.0.9	dovecot-2.0.9-23.el6.tuxcare.els3.src.rpm

02 May 2026 01:00Current

6.8Medium risk

Vulners AI Score6.8

CVSS 25

CVSS 37.5

EPSS0.02771

dovecot memory leak hash table use after free auth request abort lib-auth