Exim up to 4.94 Alias List host.c host_name_lookup sender_host_name heap-based overflow

Summaryinfo

A vulnerability was found in Exim up to 4.94 and classified as critical. Affected by this vulnerability is the function host_name_lookup of the file host.c of the component Alias List Handler. Such manipulation of the argument sender_host_name leads to heap-based overflow. This vulnerability is uniquely identified as CVE-2022-37452. The attack can be launched remotely. No exploit exists. It is suggested to upgrade the affected component.

Detailsinfo

A vulnerability, which was classified as critical, has been found in Exim up to 4.94 (Mail Server Software). Affected by this issue is the function host_name_lookup of the file host.c of the component Alias List Handler. The manipulation of the argument sender_host_name with an unknown input leads to a heap-based overflow vulnerability. Using CWE to declare the problem leads to CWE-122. A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc(). Impacted is confidentiality, integrity, and availability. CVE summarizes:

Exim before 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is set.

The weakness was disclosed 08/07/2022. The advisory is shared for download at openwall.com. This vulnerability is handled as CVE-2022-37452 since 08/07/2022. There are known technical details, but no exploit is available.

Upgrading to version 4.95 eliminates this vulnerability. The upgrade is hosted for download at github.com. Applying the patch d4bc023436e4cce7c23c5f8bb5199e178b4cc743 is able to eliminate this problem. The bugfix is ready for download at github.com. The best possible mitigation is suggested to be upgrading to the latest version.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Productinfo

Type

• Mail Server Software

Name

• Exim

Version

• 4.0
• 4.1
• 4.2
• 4.3
• 4.4
• 4.5
• 4.6
• 4.7
• 4.8
• 4.9
• 4.10
• 4.11
• 4.12
• 4.13
• 4.14
• 4.15
• 4.16
• 4.17
• 4.18
• 4.19
• 4.20
• 4.21
• 4.22
• 4.23
• 4.24
• 4.25
• 4.26
• 4.27
• 4.28
• 4.29
• 4.30
• 4.31
• 4.32
• 4.33
• 4.34
• 4.35
• 4.36
• 4.37
• 4.38
• 4.39
• 4.40
• 4.41
• 4.42
• 4.43
• 4.44
• 4.45
• 4.46
• 4.47
• 4.48
• 4.49
• 4.50
• 4.51
• 4.52
• 4.53
• 4.54
• 4.55
• 4.56
• 4.57
• 4.58
• 4.59
• 4.60
• 4.61
• 4.62
• 4.63
• 4.64
• 4.65
• 4.66
• 4.67
• 4.68
• 4.69
• 4.70
• 4.71
• 4.72
• 4.73
• 4.74
• 4.75
• 4.76
• 4.77
• 4.78
• 4.79
• 4.80
• 4.81
• 4.82
• 4.83
• 4.84
• 4.85
• 4.86
• 4.87
• 4.88
• 4.89
• 4.90
• 4.91
• 4.92
• 4.93
• 4.94

License

• open-source

Website

• Product: https://github.com/Exim/exim/

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Discussion