oss-sec mailing list archives

Re: Exim < 4.95 heap overflow

From: Stuart Henderson <sthen () openbsd org>
Date: Sun, 7 Aug 2022 11:41:12 +0100

On 2022/08/06 22:46, Evgeny Legerov wrote:

Hi,


Here is another bug which has been silently fixed in Exim.

It has not been recognized as a security issue, many distros still don't
have this patch.

Original report + patch  is here -
https://github.com/Exim/exim/commit/d4bc023436e4cce7c23c5f8bb5199e178b4cc743

Analysis of the bug  - https://github.com/ivd38/exim_overflow

I don't post here because it is huge snippet of code.


As a reader, I would much rather have a self-contained list post with a huge
snippet of code, than a link to an external source. But in this case it isn't
huge at all; the entire contents of https://github.com/ivd38/exim_overflow
(README.md, exim.conf, asan.log) are certainly short enough for a list post.

Current thread:

Exim < 4.95 heap overflow Evgeny Legerov (Aug 06)
- Re: Exim < 4.95 heap overflow John Helmert III (Aug 07)
  - Re: Exim < 4.95 heap overflow Roxana Bradescu (Aug 07)
    - Re: [Exim-Security] [oss-security] Exim < 4.95 heap overflow Graeme Fowler (Aug 10)
    - Re: [Exim-Security] [oss-security] Exim < 4.95 heap overflow Roxana Bradescu (Aug 12)
- Re: Exim < 4.95 heap overflow Stuart Henderson (Aug 07)