From anthraxx at archlinux.org  Wed Mar 26 20:40:28 2025
From: anthraxx at archlinux.org (Levente Polyak)
Date: Wed, 26 Mar 2025 20:40:28 +0100
Subject: [manjaro-security] [ASA-202503-1] exim: privilege escalation
Message-ID: <7eaff7cc-aca9-4ce2-8287-9d7bf93a7b12@archlinux.org>

Arch Linux Security Advisory ASA-202503-1
=========================================

Severity: High
Date    : 2025-03-26
CVE-ID  : CVE-2025-30232
Package : exim
Type    : privilege escalation
Remote  : No
Link    : https://security.archlinux.org/AVG-2859

Summary
=======

The package exim before version 4.98.2-1 is vulnerable to privilege
escalation.

Resolution
==========

Upgrade to 4.98.2-1.

# pacman -Syu "exim>=4.98.2-1"

The problem has been fixed upstream in version 4.98.2.

Workaround
==========

None.

Description
===========

A use-after-free has been discovered in exim that can lead to potential
privilege escalation due to the lack of nulling out the
debug_pretrigger_buf pointer before freeing the buffer by the storage
management.

Impact
======

A local unprivileged attacker is able to escalate privileges on the
affected host.

References
==========

https://exim.org/static/doc/security/CVE-2025-30232.txt
https://lists.exim.org/lurker/message/20250326.140105.6b97555b.en.html
https://code.exim.org/exim/exim/commit/be040d7df68a8cbb244aaabc37832984dafcbf55
https://security.archlinux.org/CVE-2025-30232
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.manjaro.org/pipermail/manjaro-security/attachments/20250326/6db89e41/attachment.sig>