3 matches found
Astra Linux – Vulnerability in Dovecot
Very large headers can cause resource exhaustion when parsing messages. The message parser usually reads relatively small chunks of the message. However, when these smaller chunks are fed into the message-header parser, the “fullvalue” buffer starts to grow excessively. The “fullvalue” buffer has...
ALPINE-CVE-2024-23184
Having a large number of address headers From, To, Cc, Bcc, etc. becomes excessively CPU intensive. With 100k header lines CPU usage is already 12 seconds, and in a production environment we observed 500k header lines taking 18 minutes to parse. Since this can be triggered by external actors...
PT-2024-7272 · Dovecot +10 · Dovecot +10
Name of the Vulnerable Software and Affected Versions: Dovecot affected versions not specified Description: The issue is related to resource exhaustion when parsing messages with very large headers. The message-parser reads reasonably sized chunks of the message, but when it feeds them to the...