Updated cyrus-sasl packages are now available for Red Hat Linux 8.0. These packages close buffer overflows present in Cyrus SASL 2.x releases prior to 2.1.10.
Cyrus SASL is an implementation of the Simple Authentication and Security Layer, a method for adding authentication support to connection-based protocols.

Cyrus SASL version 2 releases prior to 2.1.10 include a number of buffer overflow vulnerabilities:

1. Insufficient buffer length checking in user name canonicalization. This issue would be hard to exploit, but would allow a remote user to execute arbitrary code on the system.

2. When performing authentication using LDAP, saslauthd does not allocate enough memory when it needs to escape special characters in the username and realm. Because escaping expands the string, a buffer sized from the unescaped length is too small. This issue may be easy to exploit remotely.

3. The log writer might not have allocated memory for the trailing \0 in a message. This issue is probably hard to exploit, although it is possible to influence the logged data with no more than anonymous authentication.

All users of Cyrus SASL on Red Hat Linux 8.0 are advised to upgrade to the erratum packages containing Cyrus SASL version 2.1.10, which is not affected by these vulnerabilities. Other Red Hat Linux releases are not affected by these vulnerabilities, as they shipped Cyrus SASL version 1.5.x.
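The three items above are all size-accounting mistakes: a fixed buffer written without a length check, an output buffer sized from the input length when escaping makes the output longer, and an allocation that forgets the terminating NUL. The following C block, an added example that is not Cyrus SASL's or Red Hat's code, shows the correct accounting for each case. The canonicalization rule (lower-case the name and append "@" plus a default realm when none is given), the set of LDAP filter characters escaped as "\XX" ('*', '(', ')' and '\', as in RFC 2254), and the "user@realm: message" log format are simplifying assumptions made for the illustration, not the library's actual behaviour.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Illustrative code, not taken from Cyrus SASL. Each function shows the
 * size check or size computation that the three advisory items describe
 * as missing. */

/* 1. Canonicalization into a caller-supplied fixed-size buffer: compute
 *    the needed length and refuse before writing anything. The rule here
 *    (lower-case, append "@" + default realm when no realm is present) is
 *    an assumed simplification. Returns the canonical length, or -1 if
 *    the result plus its NUL would not fit in `outlen` bytes. */
int canon_user(const char *user, const char *default_realm,
               char *out, size_t outlen)
{
    size_t ulen = strlen(user);
    size_t rlen = strlen(default_realm);
    int has_realm = strchr(user, '@') != NULL;
    size_t need = ulen + (has_realm ? 0 : 1 + rlen);
    size_t i;

    if (need + 1 > outlen)          /* +1 for the terminating NUL */
        return -1;
    for (i = 0; i < ulen; i++)
        out[i] = (char)tolower((unsigned char)user[i]);
    if (!has_realm) {
        out[i++] = '@';
        memcpy(out + i, default_realm, rlen);
        i += rlen;
    }
    out[i] = '\0';
    return (int)i;
}

/* 2. LDAP filter escaping: each special character becomes "\XX", three
 *    bytes for one, so the output must be sized from the escaped length
 *    rather than from strlen() of the input. */
static int needs_escape(unsigned char c)
{
    return c == '*' || c == '(' || c == ')' || c == '\\';
}

/* Length of the escaped form of `s`, excluding the trailing NUL. */
size_t ldap_escaped_len(const char *s)
{
    size_t n = 0;
    for (; *s; s++)
        n += needs_escape((unsigned char)*s) ? 3 : 1;
    return n;
}

/* Returns a malloc'd, NUL-terminated escaped copy of `s`, or NULL on
 * allocation failure. The caller frees it. */
char *ldap_escape_value(const char *s)
{
    char *out = malloc(ldap_escaped_len(s) + 1);   /* +1 for the NUL */
    char *p = out;
    if (!out)
        return NULL;
    for (; *s; s++) {
        unsigned char c = (unsigned char)*s;
        if (needs_escape(c)) {
            /* writes "\XX" plus a NUL that the next byte overwrites;
             * the NUL slot is inside the allocation even at the end */
            snprintf(p, 4, "\\%02x", (unsigned)c);
            p += 3;
        } else {
            *p++ = (char)c;
        }
    }
    *p = '\0';
    return out;
}

/* 3. Log message: the allocation must include the trailing '\0'.
 *    Format "user@realm: msg" is assumed for the example. */
char *format_log_line(const char *user, const char *realm, const char *msg)
{
    /* user + "@" + realm + ": " + msg + NUL */
    size_t need = strlen(user) + 1 + strlen(realm) + 2 + strlen(msg) + 1;
    char *out = malloc(need);
    if (!out)
        return NULL;
    snprintf(out, need, "%s@%s: %s", user, realm, msg);  /* bounded write */
    return out;
}

int main(void)
{
    char buf[32];
    char *esc, *line;

    if (canon_user("Alice", "example.org", buf, sizeof buf) < 0)
        return 1;
    esc = ldap_escape_value("*)(uid=*");     /* constructed hostile input */
    line = format_log_line(buf, "example.org", "login ok");
    printf("canon: %s\nfilter value: %s\nlog: %s\n",
           buf, esc ? esc : "(oom)", line ? line : "(oom)");
    free(esc);
    free(line);
    return 0;
}
```

The pattern to take from the block is the same in all three cases: compute the output length from what will actually be written, including any expansion and the terminator, and either allocate exactly that or reject input that does not fit before the first byte is copied.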