USN-6455-2: Exim regression

USN-6455-1 fixed vulnerabilities in Exim. The fix for CVE-2023-42117 introduced a regression on Ubuntu 22.04 LTS that resulted in certain connections logging a Taint mismatch error. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered tha...

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Exim vulnerability (USN-8353-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8353-1 advisory. Warisjeet Singh discovered that Exim with SUPPORTPROXY enabled did not properly handle memory before SMTP authentication. A remote...

USN-8353-1: Exim vulnerability

Warisjeet Singh discovered that Exim with SUPPORTPROXY enabled did not properly handle memory before SMTP authentication. A remote attacker could possibly use this issue to obtain sensitive information...

USN-8353-1 exim4 vulnerability

Warisjeet Singh discovered that Exim with SUPPORTPROXY enabled did not properly handle memory before SMTP authentication. A remote attacker could possibly use this issue to obtain sensitive information...

CVE-2026-48840

Exim 4.88 before 4.99.4, in some proxy configurations, mishandles certain short payloads, leading to disclosure of uninitialized stack memory values to a client...

EUVD-2026-33446

Exim 4.88 before 4.99.4, in some proxy configurations, mishandles certain short payloads, leading to disclosure of uninitialized stack memory values to a client...

CVE-2026-48840

Exim 4.88 before 4.99.4, in some proxy configurations, mishandles certain short payloads, leading to disclosure of uninitialized stack memory values to a client...

CVE-2026-48840

Exim 4.88 before 4.99.4, in some proxy configurations, mishandles certain short payloads, leading to disclosure of uninitialized stack memory values to a client...

PT-2026-44997

Name of the Vulnerable Software and Affected Versions Exim versions 4.88 through 4.99.3 Description In certain proxy configurations, the PROXY-protocol parser mishandles short payloads, resulting in a pre-authentication information disclosure. This issue allows the leakage of uninitialized stack...

Astra Linux - уязвимость в exim4

Exim 4 before 4.94.2 allows Out-of-bounds Read because pdkimfinishbodyhash does not validate the relationship between sig-bodyhash.len and b-bh.len; thus, a crafted DKIM-Signature header might lead to the leakage of sensitive information from process memory...

Astra Linux - уязвимость в exim4

Exim 4 before 4.94.2 has an improper restriction on write operations within the bounds of a memory buffer. This occurs when processing name=value pairs within MAIL FROM and RCPT TO commands...

Astra Linux - уязвимость в exim4

Exim 4 before 4.94.2 allowed integer overflow to lead to a buffer overflow in the receiveaddrecipient function, through an email message with fifty million recipients. NOTE: Remote exploitation might be difficult due to resource consumption...

Astra Linux - уязвимость в exim4

Exim before version 4.95 has a heap-based buffer overflow for the alias list in hostnamelookup in host.c when senderhostname is set...

Astra Linux - уязвимость в exim4

Exim 4 before 4.94.2 has an improper initialization issue that can lead to recursive stack consumption or other consequences. This occurs because the use of certain getc functions is handled incorrectly when a client uses BDAT instead of DATA...

Astra Linux - уязвимость в exim4

Exim 4 before 4.94.2 allowed Buffer Underwrite, which could allow unauthenticated remote attackers to execute arbitrary commands. This is because smtpungetc was only intended for pushing back characters, but it can actually be used to push back non-character error codes, such as EOF...

Astra Linux - уязвимость в exim4

Exim 4 before 4.94.2 allows Heap-based Buffer Overflows because it mishandles the "-F’.‘” syntax on the command line. This may allow privilege escalation from any user to root. This issue occurs due to the incorrect interpretation of negative sizes in the strncpy function...

Astra Linux - уязвимость в exim4

Exim 4 before 4.94.2 allowed out-of-bounds read vulnerabilities. The smtpsetupmsg function may disclose sensitive information from the process memory to an unauthenticated SMTP client...

Astra Linux - уязвимость в exim4

Exim 4.98 before 4.98.1 allowed remote SQL injection when SQLite hints and ETRN serialization were used. Resolving SQL injection requires an update to 4.99.1 in certain non-default rate-limit configurations...

Astra Linux - уязвимость в exim4

Before version 4.97.1, Exim allowed SMTP smuggling in certain pipeline/chunking configurations. Remote attackers could use a known exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, thereby bypassing an SPF protection mechanism. This issue arises because Exim...

Astra Linux - уязвимость в exim4

In versions of Exim up to 4.97.1, Misparse processes multi-line RFC 2231 header filenames. As a result, remote attackers can bypass the protection mechanism that blocks $mimefilename extensions, and potentially deliver executable attachments to the mailboxes of end users...