CVE-2017-1000369 log

Source
Severity Medium
Remote No
Type Denial of service
Description
An uncontrolled resource consumption flaw has been discovered in Exim before 4.89.1. The use of multiple "-p" command line arguments which are malloc()'ed and never free()'ed results in leaking memory. While Exim itself is not vulnerable to privilege escalation, this particular flaw can be used by the stackguard vulnerability to achieve privilege escalation.
Group Package Affected Fixed Severity Status Ticket
AVG-518 exim 4.89-1 4.89.1-1 Critical Fixed FS#56478
Date Advisory Group Package Severity Description
30 Nov 2017 ASA-201711-32 AVG-518 exim Critical multiple issues
References
https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
https://git.exim.org/exim.git/commitdiff/65e061b76867a9ea7aeeb535341b790b90ae6c21
https://access.redhat.com/security/vulnerabilities/stackguard