CVE-2020-10958Use After Free in Dovecot

CWE-416Use After Free9 documents7 sources
Severity
5.3MEDIUMNVD
OSV7.5
EPSS
0.5%
top 33.13%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
DovecotDebian Dovecot
Timeline
PublishedMay 18
Latest updateMay 24

Description

In Dovecot before 2.3.10.1, a crafted SMTP/LMTP message triggers an unauthenticated use-after-free bug in submission-login, submission, or lmtp, and can lead to a crash under circumstances involving many newlines after a command.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages4 packages

debiandebian/dovecot< dovecot 1:2.3.10.1+dfsg1-1 (bookworm)
NVDdovecot/dovecot< 2.3.10.1
Debiandovecot/dovecot< 1:2.3.10.1+dfsg1-1+3
Ubuntudovecot/dovecot< 1:2.3.7.2-1ubuntu3.1

🔴Vulnerability Details

3
GHSA
GHSA-v4pj-8r82-6phx: In Dovecot before 22022-05-24
OSV
dovecot vulnerabilities2020-05-18
OSV
CVE-2020-10958: In Dovecot before 22020-05-18

📋Vendor Advisories

3
Ubuntu
Dovecot vulnerabilities2020-05-18
Red Hat
dovecot: command followed by sufficient number of newlines leads to use-after-free2020-05-18
Debian
CVE-2020-10958: dovecot - In Dovecot before 2.3.10.1, a crafted SMTP/LMTP message triggers an unauthentica...2020

💬Community

2
Bugzilla
CVE-2020-10958 dovecot: command followed by sufficient number of newlines leads to use-after-free [fedora-all]2020-05-18
Bugzilla
CVE-2020-10958 dovecot: command followed by sufficient number of newlines leads to use-after-free2020-05-11