CVE-2017-1000369 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	No
Type	Denial of service
Description	An uncontrolled resource consumption flaw has been discovered in Exim before 4.89.1. The use of multiple "-p" command line arguments which are malloc()'ed and never free()'ed results in leaking memory. While Exim itself is not vulnerable to privilege escalation, this particular flaw can be used by the stackguard vulnerability to achieve privilege escalation.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-518	exim	4.89-1	4.89.1-1	Critical	Fixed	FS#56478

Date	Advisory	Group	Package	Severity	Type
30 Nov 2017	ASA-201711-32	AVG-518	exim	Critical	multiple issues

References
https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt https://git.exim.org/exim.git/commitdiff/65e061b76867a9ea7aeeb535341b790b90ae6c21 https://access.redhat.com/security/vulnerabilities/stackguard

References

https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
https://git.exim.org/exim.git/commitdiff/65e061b76867a9ea7aeeb535341b790b90ae6c21
https://access.redhat.com/security/vulnerabilities/stackguard