Heiko Schlittermann <[email protected]> writes:

> Hello,
>
> The Exim maintainers are releasing an important security update to address a
> critical vulnerability affecting certain Exim configurations.
>
> Vulnerability Details
>
> A remotely reachable Use-After-Free (UAF) vulnerability has been
> identified in Exim's BDAT (binary data transmission) body parsing path
> when using the GnuTLS backend. This vulnerability can lead to heap
> corruption and potential code execution.
>
> Affected Versions and Configurations
>
> This vulnerability affects Exim versions 4.97 through 4.99.x that:
> - Are built with GnuTLS support
> - Have STARTTLS and CHUNKING advertised
>
> Recommended Action
>
> We strongly recommend all affected users upgrade to Exim 4.99.3 or later
> immediately.
>
> Obtaining the Fix
>
> Fixed versions are available:
> - Repository: https://code.exim.org/exim-/exim (branch: exim-4.99+fixes, tag:
>   exim-4.99.3) (signed by me)
> - Tarballs: https://downloads.exim.org/exim4/ (signed by me)
> - Please see the Exim website for detailed upgrade instructions
>
> Additional Information
>
> - Distros already have coordinated access to patches
> - Internal tracking ID: EXIM-Security-2026-05-01.1
> - Full technical details will be available:
>   https://exim.org/static/doc/security/EXIM-Security-2026-05-01.1/
CVE is CVE-2026-45185.

> Thank you for your cooperation.
> And special thanks to the reporter at xbow security. Writeup at
> https://xbow.com/blog/dead-letter-cve-2026-45185-xbow-found-rce-exim
>
> Best regards from Dresden/Germany
> Best regards from Dresden
> Heiko Schlittermann
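As an added triage helper for administrators (not code from the announcement or from the Exim project), the three conditions the advisory lists, checked against the output of `exim -bV` and a server's own EHLO reply. It assumes GnuTLS shows up as a token on the `Support for:` line of `exim -bV`; the sample inputs are constructed, not captured from a real server.

```python
import re

# Version window from the advisory: 4.97 through 4.99.x affected, fixed in 4.99.3.
FIRST_AFFECTED = (4, 97, 0)
FIXED_IN = (4, 99, 3)

def parse_exim_version(bv_output):
    """(major, minor, patch) from the 'Exim version X.Y[.Z]' line of `exim -bV`."""
    m = re.search(r"Exim version (\d+)\.(\d+)(?:\.(\d+))?", bv_output)
    if not m:
        return None
    return (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))

def built_with_gnutls(bv_output):
    """True when the 'Support for:' line of `exim -bV` lists GnuTLS (assumed token)."""
    for line in bv_output.splitlines():
        if line.startswith("Support for:"):
            return "GnuTLS" in line.split()
    return False

def ehlo_extensions(ehlo_reply):
    """Keywords from a multi-line 250 EHLO reply; the greeting line is skipped."""
    lines = [l for l in ehlo_reply.splitlines() if l.startswith("250")]
    return {l[4:].split()[0].upper() for l in lines[1:] if l[4:].split()}

def exposure(bv_output, ehlo_reply):
    """Return (exposed, reason) after checking the advisory's three conditions."""
    ver = parse_exim_version(bv_output)
    if ver is None:
        return False, "could not parse Exim version"
    if not FIRST_AFFECTED <= ver < FIXED_IN:
        return False, "version %d.%d.%d is outside the affected range" % ver
    if not built_with_gnutls(bv_output):
        return False, "not built with GnuTLS"
    missing = {"STARTTLS", "CHUNKING"} - ehlo_extensions(ehlo_reply)
    if missing:
        return False, "not advertising " + ", ".join(sorted(missing))
    return True, "GnuTLS build %d.%d.%d advertising STARTTLS and CHUNKING" % ver

# Constructed sample inputs (not captured from a real server) for a stand-alone run.
SAMPLE_BV = ("Exim version 4.99.2 #1 built 02-Feb-2026 10:00:00\n"
             "Support for: crypteq IPv6 GnuTLS DKIM\n")
SAMPLE_EHLO = ("250-mx.example.test Hello [192.0.2.1]\r\n250-SIZE 52428800\r\n"
               "250-8BITMIME\r\n250-CHUNKING\r\n250-STARTTLS\r\n250 HELP\r\n")

if __name__ == "__main__":
    print(exposure(SAMPLE_BV, SAMPLE_EHLO))  # (True, 'GnuTLS build 4.99.2 advertising STARTTLS and CHUNKING')
```

Feed it the real `exim -bV` text and the EHLO reply of the server being triaged; a host that fails any one of the three conditions is reported as not exposed with the reason.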