Bug 1920446 (CVE-2021-3181) - CVE-2021-3181 mutt: Memory leak when parsing rfc822 group addresses
Summary: CVE-2021-3181 mutt: Memory leak when parsing rfc822 group addresses
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2021-3181
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1920451 1932081
Blocks: 1920453
TreeView+ depends on / blocked
 
Reported: 2021-01-26 10:55 UTC by Marian Rehak
Modified: 2021-11-09 19:53 UTC (History)
10 users (show)

Fixed In Version: mutt 2.0.5
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2021-11-09 19:53:59 UTC
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2021:4181 0 None None None 2021-11-09 17:36:50 UTC

Description Marian Rehak 2021-01-26 10:55:55 UTC
Remote attackers can cause a denial of service (mailbox unavailability) by sending email messages with sequences of semicolon characters in RFC822 address fields (aka terminators of empty groups). A small email message from the attacker can cause large memory consumption, and the victim may then be unable to see other email messages.

Reference:

https://gitlab.com/muttmua/mutt/-/issues/323

Comment 1 Marian Rehak 2021-01-26 10:57:06 UTC
Created mutt tracking bugs for this issue:

Affects: fedora-all [bug 1920451]

Comment 3 Tomas Hoger 2021-02-23 20:57:08 UTC
Upstream commit:
https://gitlab.com/muttmua/mutt/-/commit/4a2becbdb4422aaffe3ce314991b9d670b7adf17

Note that the upstream report points out additional fixes that were made to further reduce memory usage when parsing malformed messages.

Comment 6 errata-xmlrpc 2021-11-09 17:36:49 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2021:4181 https://access.redhat.com/errata/RHSA-2021:4181

Comment 7 Product Security DevOps Team 2021-11-09 19:53:57 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2021-3181


Note You need to log in before you can comment on or make changes to this bug.