CVE-2024-23184: 
Dovecot vulnerability analysis and mitigation

CVE-2024-23184 is a vulnerability discovered in Dovecot IMAP Server affecting versions 2.2 and 2.3, specifically in the lib-mail component. The vulnerability was internally discovered by the vendor and reported on January 30, 2024. The issue involves excessive CPU consumption when processing large numbers of address headers (From, To, Cc, Bcc, etc.) in email messages (OSS Security, NVD).

The vulnerability is classified as CWE-770 (Allocation of Resources Without Limits or Throttling). The core issue stems from the inefficient handling of address headers, where each header line's address is added to the end of a linked list by walking through the entire list. With 100,000 header lines, CPU usage reaches 12 seconds, and in production environments, 500,000 header lines can take up to 18 minutes to parse. The vulnerability has been assigned a CVSS v3.1 score of 5.0 (MEDIUM) with the vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N (OSS Security, CSAF Advisory).

An external attacker can exploit this vulnerability by sending specially crafted messages that consume target system resources and potentially cause system outages. The impact primarily affects system availability due to excessive CPU consumption during email processing (CSAF Advisory).

The vulnerability has been fixed in Dovecot version 2.3.21.1. As a workaround, administrators can implement restrictions on address headers on the MTA component preceding Dovecot. A patch is available at the Dovecot GitHub repository (Full Disclosure, OSS Security).