CVE-2025-30232

Severity High
Remote No
Type Privilege escalation
Description
A use-after-free has been discovered in exim that can potentially lead to privilege escalation. The debug_pretrigger_buf pointer is not set to NULL before the storage management frees the buffer it points to.
Group     Package  Affected  Fixed     Severity  Status  Ticket
AVG-2859  exim     4.98.1-1  4.98.2-1  High      Fixed
References
https://exim.org/static/doc/security/CVE-2025-30232.txt
https://lists.exim.org/lurker/message/20250326.140105.6b97555b.en.html
https://code.exim.org/exim/exim/commit/be040d7df68a8cbb244aaabc37832984dafcbf55
Notes
Introduced after: https://code.exim.org/exim/exim/commit/19fdbfb4a2b6ca4a6a96ef52be848f0a23e2414f (exim-4.96-RC0)