Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2025-30232 - log back

CVE-2025-30232 edited at 26 Mar 2025 19:18:05

Description

-	A use-after-free is possible, with potential for privilege escalation.
+	A use-after-free has been discovered in exim that can lead to potential privilege escalation due to the lack of nulling out the debug_pretrigger_buf pointer before freeing the buffer by the storage management.

CVE-2025-30232 created at 26 Mar 2025 19:04:19

Severity

+

High

Remote

+

Local

Type

+	Privilege escalation

Description

+	A use-after-free is possible, with potential for privilege escalation.

References

+	https://exim.org/static/doc/security/CVE-2025-30232.txt
+	https://lists.exim.org/lurker/message/20250326.140105.6b97555b.en.html
+	https://code.exim.org/exim/exim/commit/be040d7df68a8cbb244aaabc37832984dafcbf55

Notes

+	Introduced after: https://code.exim.org/exim/exim/commit/19fdbfb4a2b6ca4a6a96ef52be848f0a23e2414f (exim-4.96-RC0)