#VU66692 Release of invalid pointer or reference in Exim - CVE-2022-37451

Cybersecurity Help s.r.o.

Published: 2022-08-22

Vulnerability identifier: #VU66692

Vulnerability risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-37451

CWE-ID: CWE-763

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Exim
Server applications / Mail servers

Vendor: Exim

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to an invalid free in pam_converse() function in auths/call_pam.c. A remote attacker can initiate the connection to the affected mail server and perform a denial of service (DoS) attack.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Exim: 4.00 - 4.95

External links
https://www.exim.org/static/doc/security/
https://github.com/ivd38/exim_invalid_free
https://github.com/Exim/exim/compare/exim-4.95...exim-4.96
https://lists.exim.org/lurker/message/20220625.141825.d6de6074.en.html
https://www.openwall.com/lists/oss-security/2022/08/06/1
https://github.com/Exim/exim/wiki/EximSecurity
https://cwe.mitre.org/data/definitions/762.html
https://github.com/Exim/exim/commit/51be321b27825c01829dffd90f11bfff256f7e42

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Amazon Linux AMI update for exim

Fedora 35 update for exim

Fedora 36 update for exim

Denial of service in Exim