CVE-2019-19906

Name: CVE-2019-19906
Description: cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl.
Source: CVE (at NVD)
References: DLA-2044-1, DSA-4591-1
NVD severity: medium
Debian Bugs: 947043
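The off-by-one pattern named in the description, shown as an added C example. This is not cyrus-sasl's code and the upstream _sasl_add_string is not reproduced here; the struct, function and error names, the exact-size allocator and the overflow-refusing copy helper are all this example's own, chosen so that the defect surfaces as an error code instead of as memory corruption when the block is run. The appended DN fragments are constructed sample input, not a captured packet.

```c
/* Added example for CVE-2019-19906's bug class: a string-append routine
 * that reserves room for the characters but not for the NUL terminator
 * that a strcpy-style write also emits. Names and helpers are invented
 * for this example; this is not the cyrus-sasl implementation. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define EX_OK        0
#define EX_NOMEM    (-1)
#define EX_OVERFLOW (-2)   /* write would have gone past the allocation */

/* Growable string buffer: data, granted capacity, and bytes in use. */
struct strbuf {
    char  *data;
    size_t cap;   /* bytes actually allocated */
    size_t len;   /* bytes in use, excluding the terminating NUL */
};

/* Grow to at least 'need' bytes. Allocates exactly 'need' so that no slack
 * hides the off-by-one; real allocators round up, which is why this kind
 * of bug often only crashes when a length lands on a size boundary. */
static int buf_alloc(struct strbuf *b, size_t need)
{
    if (b->cap >= need) return EX_OK;
    char *p = realloc(b->data, need);
    if (!p) return EX_NOMEM;
    b->data = p;
    b->cap = need;
    return EX_OK;
}

/* strcpy substitute that refuses, instead of corrupting memory, when the
 * copy including its NUL terminator would exceed the granted capacity. */
static int checked_copy(struct strbuf *b, size_t at, const char *s)
{
    size_t need = strlen(s) + 1;          /* strcpy writes the NUL too */
    if (at + need > b->cap) return EX_OVERFLOW;
    memcpy(b->data + at, s, need);
    return EX_OK;
}

/* Buggy sizing: space is reserved for len + addlen bytes, but the copy
 * writes addlen + 1 bytes, so the terminator lands one past the end. */
int add_string_vulnerable(struct strbuf *b, const char *add)
{
    if (add == NULL) add = "(null)";
    size_t addlen = strlen(add);
    if (buf_alloc(b, b->len + addlen) != EX_OK) return EX_NOMEM;
    int rc = checked_copy(b, b->len, add);
    if (rc != EX_OK) return rc;
    b->len += addlen;
    return EX_OK;
}

/* Fixed sizing: reserve the extra byte the terminator needs. */
int add_string_fixed(struct strbuf *b, const char *add)
{
    if (add == NULL) add = "(null)";
    size_t addlen = strlen(add);
    if (buf_alloc(b, b->len + addlen + 1) != EX_OK) return EX_NOMEM;
    int rc = checked_copy(b, b->len, add);
    if (rc != EX_OK) return rc;
    b->len += addlen;
    return EX_OK;
}

/* Appends three constructed DN fragments with one of the two variants and
 * returns the first non-OK code. The fragments are sample input only. */
int build_dn(struct strbuf *b, int use_fixed)
{
    static const char *parts[] = { "dn=", "uid=alice", ",dc=example" };
    int (*add)(struct strbuf *, const char *) =
        use_fixed ? add_string_fixed : add_string_vulnerable;
    for (size_t i = 0; i < sizeof parts / sizeof parts[0]; i++) {
        int rc = add(b, parts[i]);
        if (rc != EX_OK) return rc;
    }
    return EX_OK;
}

int main(void)
{
    struct strbuf v = {0}, f = {0};
    printf("vulnerable sizing: rc=%d (EX_OVERFLOW is %d)\n",
           build_dn(&v, 0), EX_OVERFLOW);
    printf("fixed sizing:      rc=%d data=\"%s\" len=%zu\n",
           build_dn(&f, 1), f.data, f.len);
    free(v.data);
    free(f.data);
    return 0;
}
```

The vulnerable variant fails on the very first fragment because the allocator here hands out exactly the requested size; with a production allocator the stray terminator usually lands in padding and the corruption only shows when the accumulated length happens to coincide with an allocation boundary, which is the sort of input-dependent condition a specifically malformed packet can hit.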

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package      Release             Version                             Status
cyrus-sasl2 (PTS)   jessie              2.1.26.dfsg1-13+deb8u1              vulnerable
                    jessie (security)   2.1.26.dfsg1-13+deb8u2              fixed
                    stretch             2.1.27~101-g0780600+dfsg-3          vulnerable
                    stretch (security)  2.1.27~101-g0780600+dfsg-3+deb9u1   fixed
                    buster              2.1.27+dfsg-1                       vulnerable
                    buster (security)   2.1.27+dfsg-1+deb10u1               fixed
                    bullseye, sid       2.1.27+dfsg-2                       fixed

The information below is based on the following data on fixed versions.

Package       Type     Release      Fixed Version                       Urgency   Origin       Debian Bugs
cyrus-sasl2   source   (unstable)   2.1.27+dfsg-2                                              947043
cyrus-sasl2   source   buster       2.1.27+dfsg-1+deb10u1                         DSA-4591-1
cyrus-sasl2   source   jessie       2.1.26.dfsg1-13+deb8u2                        DLA-2044-1
cyrus-sasl2   source   stretch      2.1.27~101-g0780600+dfsg-3+deb9u1             DSA-4591-1

Notes

https://github.com/cyrusimap/cyrus-sasl/issues/587
https://www.openldap.org/its/index.cgi/Incoming?id=9123
