Postfix: Denial of Service

1. Gentoo Linux Security Advisory

Advisory Reference	GLSA 200809-09 / postfix
Release Date	September 19, 2008
Latest Revision	September 19, 2008: 01
Impact	normal
Exploitable	local

Package	Vulnerable versions	Unaffected versions	Architecture(s)
mail-mta/postfix	< 2.4.9, < 2.5.5	>= 2.4.9, >= 2.5.5	All supported architectures

Related bugreports: #236453

Synopsis

A memory leak in Postfix might allow local users to cause a Denial of Service.

2. Impact Information

Background

Postfix is Wietse Venema's mailer that attempts to be fast, easy to administer, and secure, as an alternative to the widely-used Sendmail program.

Description

It has been discovered than Postfix leaks an epoll file descriptor when executing external commands, e.g. user-controlled $HOME/.forward or $HOME/.procmailrc files. NOTE: This vulnerability only concerns Postfix instances running on Linux 2.6 kernels.

Impact

A local attacker could exploit this vulnerability to reduce the performance of Postfix, and possibly trigger an assertion, resulting in a Denial of Service.

3. Resolution Information

Workaround

Allow only trusted users to control delivery to non-Postfix commands.

Resolution

All Postfix 2.4 users should upgrade to the latest version:

Code Listing 3.1: Resolution

# emerge --sync
# emerge --ask --oneshot --verbose ">=mail-mta/postfix-2.4.9"

All Postfix 2.5 users should upgrade to the latest version:

Code Listing 3.2: Resolution

# emerge --sync
# emerge --ask --oneshot --verbose ">=mail-mta/postfix-2.5.5"

4. References

CVE-2008-3889

Page updated September 19, 2008

Summary: This is a Gentoo Linux Security Advisory

Security Team
Contact Address

Donate to support our development efforts.