exim exim 内存缓冲区边界内操作的限制不恰当

admin

0
文章

0
评论

2023-11-30 05:32:14 Ali_nvd 来源：ZONE.CI 全球网 0 阅读模式

中危 exim exim 内存缓冲区边界内操作的限制不恰当

CVE编号

CVE-2022-3559

利用情况

暂无

补丁情况

官方补丁

披露时间

2022-10-18

漏洞描述

A vulnerability was found in Exim and classified as problematic. This issue affects some unknown processing of the component Regex Handler. The manipulation leads to use after free. The name of the patch is 4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2. It is recommended to apply a patch to fix this issue. The identifier VDB-211073 was assigned to this vulnerability.

解决建议

建议您更新当前系统或软件至最新版，完成漏洞的修复。

参考链接
https://bugs.exim.org/show_bug.cgi?id=2915
https://git.exim.org/exim.git/commit/4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora...
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora...
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora...
https://vuldb.com/?id.211073

受影响软件情况

1
#	类型	厂商	产品	版本	影响面
	运行在以下环境
	应用	exim	exim	-	-
	运行在以下环境
	系统	amazon_AMI	exim	*		Up to (excluding) 4.92-1.34.amzn1
	运行在以下环境
	系统	debian_10	exim4	*		Up to (including) 4.92-8+deb10u6
	运行在以下环境
	系统	debian_11	exim4	*		Up to (including) 4.94.2-7
	运行在以下环境
	系统	debian_12	exim4	*		Up to (excluding) 4.96-4
	运行在以下环境
	系统	debian_sid	exim4	*		Up to (excluding) 4.96-4
	运行在以下环境
	系统	fedora_35	exim-mon	*		Up to (excluding) 4.96-4.fc35
	运行在以下环境
	系统	fedora_36	exim-mon	*		Up to (excluding) 4.96-4.fc36
	运行在以下环境
	系统	fedora_37	exim-mon	*		Up to (excluding) 4.96-4.fc37
	运行在以下环境
	系统	fedora_EPEL_7	exim-mon	*		Up to (excluding) 4.96-3.el7
	运行在以下环境
	系统	fedora_EPEL_8	exim-mon	*		Up to (excluding) 4.96-3.el8
	运行在以下环境
	系统	fedora_EPEL_9	exim-mon	*		Up to (excluding) 4.96-3.el9
	运行在以下环境
	系统	opensuse_Leap_15.3	eximon	*		Up to (excluding) 4.94.2-bp153.5.1
	运行在以下环境
	系统	opensuse_Leap_15.4	eximon	*		Up to (excluding) 4.94.2-bp154.2.3.1
	运行在以下环境
	系统	ubuntu_18.04	exim4	*		Up to (excluding) 4.90.1-1ubuntu1.10
	运行在以下环境
	系统	ubuntu_20.04	exim4	*		Up to (excluding) 4.93-13ubuntu1.7
	运行在以下环境
	系统	ubuntu_22.04	exim4	*		Up to (excluding) 4.95-4ubuntu2.2
	运行在以下环境
	系统	ubuntu_22.10	exim4	*		Up to (excluding) 4.96-3ubuntu1.1