Bug 1079832 - (CVE-2018-6789) VUL-0: CVE-2018-6789: exim: Buffer overflow in an utility function
(CVE-2018-6789)
VUL-0: CVE-2018-6789: exim: Buffer overflow in an utility function
Status: RESOLVED FIXED
Classification: openSUSE
Product: openSUSE Distribution
Classification: openSUSE
Component: Security
Leap 42.3
Other Other
: P3 - Medium : Normal (vote)
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/199626/
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2018-02-07 13:36 UTC by Johannes Segitz
Modified: 2021-05-20 13:24 UTC (History)
1 user (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments
Upstream patch (1.67 KB, patch)
2018-02-14 07:22 UTC, Johannes Segitz
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Johannes Segitz 2018-02-07 13:36:31 UTC
Heiko Schlittermann:
CVE-2018-6789 Exim 4.90 and earlier
===================================

There is a buffer overflow in an utility function, if some pre-conditions
are met.  Using a handcrafted message, remote code execution seems to be
possible.

A patch exists already and is being tested.

Currently we're unsure about the severity, we *believe*, an exploit
is difficult. A mitigation isn't known.

Next steps:

* t0:     Distros will get access to our "security" non-public git repo
          (based on the SSH keys known to us)
* t0 +7d: Patch will be published on the official public git repo

t0 will be around 2018-02-08.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-6789
http://seclists.org/oss-sec/2018/q1/133
https://exim.org/security/CVE-2018-6789.txt
Comment 1 Johannes Segitz 2018-02-07 13:36:58 UTC
Requested early access for patches for openSUSE
Comment 2 Johannes Segitz 2018-02-09 08:35:55 UTC
CRD: 2018-02-15 16:59:37 UTC
Comment 3 Swamp Workflow Management 2018-02-13 13:40:07 UTC
This is an autogenerated message for OBS integration:
This bug (1079832) was mentioned in
https://build.opensuse.org/request/show/576270 42.3 / exim
Comment 4 Johannes Segitz 2018-02-14 07:22:56 UTC
Created attachment 760068 [details]
Upstream patch
Comment 6 Swamp Workflow Management 2018-02-19 11:09:06 UTC
openSUSE-SU-2018:0468-1: An update that fixes one vulnerability is now available.

Category: security (important)
Bug References: 1079832
CVE References: CVE-2018-6789
Sources used:
openSUSE Leap 42.3 (src):    exim-4.86.2-20.1
Comment 7 Karol Babioch 2018-02-19 12:07:37 UTC
released
Comment 8 OBSbugzilla Bot 2021-05-06 16:50:03 UTC
This is an autogenerated message for OBS integration:
This bug (1079832) was mentioned in
https://build.opensuse.org/request/show/891096 15.2 / exim
https://build.opensuse.org/request/show/891098 Backports:SLE-15-SP1 / exim
Comment 9 Swamp Workflow Management 2021-05-07 13:15:29 UTC
openSUSE-SU-2021:0677-1: An update that fixes 26 vulnerabilities is now available.

Category: security (critical)
Bug References: 1079832,1171490,1171877,1173693,1185631
CVE References: CVE-2017-1000369,CVE-2017-16943,CVE-2017-16944,CVE-2018-6789,CVE-2019-16928,CVE-2020-12783,CVE-2020-28007,CVE-2020-28008,CVE-2020-28009,CVE-2020-28010,CVE-2020-28011,CVE-2020-28012,CVE-2020-28013,CVE-2020-28014,CVE-2020-28015,CVE-2020-28016,CVE-2020-28017,CVE-2020-28018,CVE-2020-28019,CVE-2020-28020,CVE-2020-28021,CVE-2020-28022,CVE-2020-28023,CVE-2020-28024,CVE-2020-28025,CVE-2020-28026
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    exim-4.94.2-lp152.8.3.1
Comment 10 Swamp Workflow Management 2021-05-20 13:17:16 UTC
openSUSE-SU-2021:0754-1: An update that fixes 26 vulnerabilities is now available.

Category: security (critical)
Bug References: 1079832,1171490,1171877,1173693,1185631
CVE References: CVE-2017-1000369,CVE-2017-16943,CVE-2017-16944,CVE-2018-6789,CVE-2019-16928,CVE-2020-12783,CVE-2020-28007,CVE-2020-28008,CVE-2020-28009,CVE-2020-28010,CVE-2020-28011,CVE-2020-28012,CVE-2020-28013,CVE-2020-28014,CVE-2020-28015,CVE-2020-28016,CVE-2020-28017,CVE-2020-28018,CVE-2020-28019,CVE-2020-28020,CVE-2020-28021,CVE-2020-28022,CVE-2020-28023,CVE-2020-28024,CVE-2020-28025,CVE-2020-28026
JIRA References: 
Sources used:
openSUSE Backports SLE-15-SP2 (src):    exim-4.94.2-bp152.6.4.1, libspf2-1.2.10-bp152.5.1
Comment 11 Swamp Workflow Management 2021-05-20 13:24:45 UTC
openSUSE-SU-2021:0753-1: An update that fixes 30 vulnerabilities is now available.

Category: security (critical)
Bug References: 1079832,1136587,1142207,1154183,1160726,1171490,1171877,1173693,1185631
CVE References: CVE-2017-1000369,CVE-2017-16943,CVE-2017-16944,CVE-2018-6789,CVE-2019-10149,CVE-2019-13917,CVE-2019-15846,CVE-2019-16928,CVE-2020-12783,CVE-2020-28007,CVE-2020-28008,CVE-2020-28009,CVE-2020-28010,CVE-2020-28011,CVE-2020-28012,CVE-2020-28013,CVE-2020-28014,CVE-2020-28015,CVE-2020-28016,CVE-2020-28017,CVE-2020-28018,CVE-2020-28019,CVE-2020-28020,CVE-2020-28021,CVE-2020-28022,CVE-2020-28023,CVE-2020-28024,CVE-2020-28025,CVE-2020-28026,CVE-2020-8015
JIRA References: 
Sources used:
openSUSE Backports SLE-15-SP1 (src):    exim-4.94.2-bp151.2.4.1, libspf2-1.2.10-bp151.4.1