SB2026050766 - Ubuntu update for exim4

Published: May 7, 2026

Security Bulletin ID: SB2026050766
CSH Severity: Medium
Patch available: Yes
Number of vulnerabilities: 3
Exploitation vector: Remote access
Highest impact: Denial of service

Breakdown by Severity

Medium: 100% (all 3 vulnerabilities)

Description

This security bulletin contains information about 3 vulnerabilities in the exim4 package for Ubuntu.


1) Out-of-bounds write (CVE-ID: CVE-2026-40685)

The vulnerability allows a remote attacker to corrupt memory in the Exim process.

The vulnerability exists due to an out-of-bounds read/write in the json expansion operators when they process invalid, externally provided input taken from message headers. A remote attacker can send a message whose headers carry corrupt JSON data and trigger memory corruption when the operator is expanded.

Only configurations that apply the json operators to externally provided input (for example, header contents) are affected.


2) Out-of-bounds read (CVE-ID: CVE-2026-40686)

The vulnerability allows a remote attacker to disclose sensitive information.

The vulnerability exists due to an out-of-bounds read in the utf8 operators when they process malformed UTF-8 in message headers whose trailing bytes claim an oversized character. A remote attacker can supply malformed UTF-8 header data to read beyond the intended buffer and disclose sensitive information.

Over-read data may leak when an error message is generated for a subsequent message on the same SMTP connection and that message also carries similarly malformed headers.


3) Out-of-bounds write (CVE-ID: CVE-2026-40687)

The vulnerability allows a remote attacker to cause a denial of service.

The vulnerability exists due to an out-of-bounds read/write in the SPA authentication driver when it handles a hostile or compromised SPA/NTLM peer. A remote attacker can provide crafted SPA/NTLM responses to crash the Exim process.

Only configurations that use the SPA authentication driver are exposed; the out-of-bounds access may also leak heap data in addition to causing a denial of service.
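Whether a given host is actually exposed to entries 1 and 3 (and, by the bulletin's description, entry 2) depends on the run-time configuration rather than on the package alone. The following scanner, an added example by the editor and not part of the bulletin or of Exim, reads an Exim configuration and reports every use of the json extraction operators, the utf8 operators and the spa authenticator driver together with the section and driver block it was found in. The sample configuration embedded in it is constructed for the example; the mapping of utf8 operator usage to CVE-2026-40686 is the editor's assumption from the bulletin's wording, the other two mappings follow it directly.

```python
"""Scan an Exim run-time configuration for the features named in this
bulletin: json operators, utf8 operators and the SPA authenticator driver.

Editor's example; not part of the bulletin or of Exim. The utf8 -> CVE-2026-40686
mapping is an assumption based on the bulletin text.
"""
import re
from dataclasses import dataclass

# Expansion-string features and the bulletin entry each one relates to.
# ${extract json{key}{data}} / ${extract jsons{...}} are Exim's JSON operators;
# ${utf8clean:...} and the other ${utf8*:...} operators are the utf8 operators.
FEATURES = [
    ("json operators", "CVE-2026-40685", re.compile(r"\$\{extract\s+jsons?\b")),
    ("utf8 operators", "CVE-2026-40686", re.compile(r"\$\{utf8\w*:")),  # assumption
]
SPA_DRIVER = re.compile(r"^\s*driver\s*=\s*spa\s*$")   # CVE-2026-40687
SECTION = re.compile(r"^\s*begin\s+(\w+)")             # "begin acl", "begin authenticators", ...
BLOCK_NAME = re.compile(r"^\s*([\w-]+)\s*:\s*$")       # "NTLM:", "acl_check_data:", ...

# Constructed sample configuration for this example (not a real deployment).
SAMPLE_CONFIG = """\
# Constructed sample configuration for this example (not a real deployment).
primary_hostname = mail.example.test

begin acl

acl_check_data:
  # utf8 operator applied to a header taken from the remote client
  warn  set acl_m_subject = ${utf8clean:$h_subject:}
  # json operator applied to a header taken from the remote client
  warn  set acl_m_trace   = ${extract json{id}{$h_x-trace:}}
  accept

begin authenticators

PLAIN:
  driver = plaintext
  server_prompts = :
  server_set_id = $auth2

NTLM:
  driver = spa
  server_password = ${lookup{$auth1}lsearch{/etc/exim4/spa_passwd}}
"""


@dataclass
class Finding:
    cve: str
    feature: str
    line: int    # 1-based line number in the configuration text
    where: str   # section name, plus driver/ACL block name when inside one


def strip_comment(raw: str) -> str:
    """Exim comments are whole lines whose first non-blank character is '#'."""
    return "" if raw.lstrip().startswith("#") else raw


def audit_exim_config(text: str) -> list[Finding]:
    """Return findings in file order. Does not follow .include directives or
    join backslash-continued lines; scan the fully assembled configuration."""
    findings: list[Finding] = []
    section, block = "main", None
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = strip_comment(raw)
        if not line.strip():
            continue
        m = SECTION.match(line)
        if m:
            section, block = m.group(1), None
            continue
        m = BLOCK_NAME.match(line)
        if m and section != "main":
            block = m.group(1)
            continue
        where = f"{section}/{block}" if block else section
        # The spa driver only matters where authenticators are defined.
        if section == "authenticators" and SPA_DRIVER.match(line):
            findings.append(Finding("CVE-2026-40687", "spa authenticator", lineno, where))
        for feature, cve, pattern in FEATURES:
            if pattern.search(line):
                findings.append(Finding(cve, feature, lineno, where))
    return findings


def affected_cves(text: str) -> set[str]:
    """The set of bulletin entries the given configuration is exposed to."""
    return {f.cve for f in audit_exim_config(text)}


if __name__ == "__main__":
    for f in audit_exim_config(SAMPLE_CONFIG):
        print(f"line {f.line:3d}  {f.cve}  {f.feature:18s}  in {f.where}")
```

On Debian and Ubuntu the active configuration is assembled from /etc/exim4/conf.d/ (or exim4.conf.template) by update-exim4.conf into /var/lib/exim4/config.autogenerated, so run the scanner against that file, or against the output of `exim -bP config`, rather than against the fragments. A clean result means the configuration does not use the affected features; it does not replace installing the fixed package.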


Remediation

Install the updated exim4 packages published by Ubuntu for your release and make sure the running Exim daemon is restarted so that the patched binary is in use.