CVE-2021-27216
Exim 4 before 4.94.2 is affected by an Execution with Unnecessary Privileges vulnerability triggered by a delete_pid_file race condition. A local user can delete arbitrary files as root by exploiting -oP/-oPX options, due to Exim operating as root in the log directory (owned by non-root). Connect...