CVE-2021-33582
Summary
| CVE | CVE-2021-33582 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2021-09-01 06:15:00 UTC |
|---|
| Updated | 2023-11-07 03:35:00 UTC |
|---|
| Description | Cyrus IMAP before 3.4.2 allows remote attackers to cause a denial of service (multiple-minute daemon hang) via input that is mishandled during hash-table interaction. Because there are many insertions into a single bucket, strcmp becomes slow. This is fixed in 3.4.2, 3.2.8, and 3.0.16. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| [SECURITY] Fedora 34 Update: cyrus-imapd-3.2.8-2.fc34 - package-announce - Fedora Mailing-Lists |
FEDORA |
lists.fedoraproject.org |
|
| Release Notes — Cyrus IMAP 3.4.1 documentation |
MISC |
www.cyrusimap.org |
|
| [SECURITY] [DLA 3052-1] cyrus-imapd security update |
MLIST |
lists.debian.org |
|
| Security Advisories · cyrusimap/cyrus-imapd · GitHub |
MISC |
github.com |
|
| Topicbox |
CONFIRM |
cyrus.topicbox.com |
|
| [SECURITY] Fedora 35 Update: cyrus-imapd-3.2.8-2.fc35 - package-announce - Fedora Mailing-Lists |
|
lists.fedoraproject.org |
|
| [SECURITY] Fedora 34 Update: cyrus-imapd-3.2.8-2.fc34 - package-announce - Fedora Mailing-Lists |
|
lists.fedoraproject.org |
|
| [SECURITY] Fedora 35 Update: cyrus-imapd-3.2.8-2.fc35 - package-announce - Fedora Mailing-Lists |
FEDORA |
lists.fedoraproject.org |
|
| Commits · cyrusimap/cyrus-imapd · GitHub |
MISC |
github.com |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 159384 Oracle Enterprise Linux Security Update for cyrus-imapd (ELSA-2021-3492)
- 179376 Debian Security Update for cyrus-imapd (DLA 3052-1)
- 179841 Debian Security Update for cyrus-imapd (CVE-2021-33582)
- 239632 Red Hat Update for cyrus-imapd (RHSA-2021:3493)
- 239633 Red Hat Update for cyrus-imapd (RHSA-2021:3492)
- 239643 Red Hat Update for cyrus-imapd (RHSA-2021:3546)
- 282409 Fedora Security Update for cyrus (FEDORA-2022-c30b1a8aa3)
- 282414 Fedora Security Update for cyrus (FEDORA-2022-d45bcc5447)
- 353081 Amazon Linux Security Advisory for cyrus-imapd : ALAS2-2021-1725
- 353115 Amazon Linux Security Advisory for cyrus-imapd : ALAS-2022-1559
- 377093 Alibaba Cloud Linux Security Update for cyrus-imapd (ALINUX3-SA-2021:0067)
- 690048 Free Berkeley Software Distribution (FreeBSD) Security Update for cyrus-imapd (3d915d96-0b1f-11ec-8d9f-080027415d17)
- 940350 AlmaLinux Security Update for cyrus-imapd (ALSA-2021:3492)
- 960013 Rocky Linux Security Update for cyrus-imapd (RLSA-2021:3492)
