smtpd/table.c in OpenSMTPD prior to 6.8.0p1 lacks a certain regfree, which might allow malicious users to trigger a "very significant" memory leak via messages to an instance that performs many regex lookups.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
opensmtpd opensmtpd 6.8.0 |
||
opensmtpd opensmtpd |
||
fedoraproject fedora 32 |
||
fedoraproject fedora 33 |