Bug 1532356 (CVE-2017-15130) - CVE-2017-15130 dovecot: TLS SNI config lookups are inefficient and can be used for DoS
Summary: CVE-2017-15130 dovecot: TLS SNI config lookups are inefficient and can be use...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2017-15130
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1532357 1551756 1551757
Blocks: 1538713
TreeView+ depends on / blocked
 
Reported: 2018-01-08 17:42 UTC by Pedro Sampaio
Modified: 2021-10-21 11:58 UTC (History)
6 users (show)

Fixed In Version: dovecot 2.2.34, dovecot 2.3.1
Clone Of:
Environment:
Last Closed: 2021-10-21 11:58:37 UTC
Embargoed:

Attachments (Terms of Use)

Description Pedro Sampaio 2018-01-08 17:42:03 UTC 
TLS SNI config lookups may lead to excessive memory usage, causing imap-login/pop3-login VSZ limit to be reached and the process restarted. This happens only if Dovecot config has local_name { } or local { } configuration blocks and attacker uses randomly generated SNI servernames.
Comment 2 Pedro Sampaio 2018-01-08 17:49:47 UTC 
Acknowledgments:

Name: the Dovecot project
Comment 3 Adam Mariš 2018-03-01 10:47:56 UTC 
Reference:

http://www.openwall.com/lists/oss-security/2018/03/01/3
Comment 4 Pedro Yóssis Silva Barbosa 2018-03-01 13:23:56 UTC 
TLS SNI config lookups may lead to excessive memory usage, causing imap-login/pop3-login VSZ limit to be reached and the process restarted. This happens only if Dovecot config has local_name { } or local { } configuration blocks and attacker uses randomly generated SNI servernames.
Comment 6 Pedro Yóssis Silva Barbosa 2018-03-01 15:50:34 UTC 
External References:

https://www.dovecot.org/list/dovecot-news/2018-February/000370.html
Comment 9 Michal Hlavinka 2019-08-13 12:54:36 UTC 
affected version is < 2.2.34, we ship 2.2.36 in rhel7
Comment 10 Michal Hlavinka 2019-08-13 12:55:42 UTC 
reopening, closed wrong clone
Note You need to log in before you can comment on or make changes to this bug.