CVE-2025-67896

Name
CVE-2025-67896
Description
Exim before 4.99.1, with certain non-default rate-limit configurations, allows a remote heap-based buffer overflow because database records are cast directly to internal structures without validation.
NVD Severity
medium
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
cve@mitre.org https://exim.org/static/doc/security/
cve@mitre.org https://www.openwall.com/lists/oss-security/2025/12/11/2
af854a3a-2127-422b-91ae-364da2661108 http://www.openwall.com/lists/oss-security/2025/12/14/1
cve@mitre.org https://exim.org/static/doc/security/EXIM-Security-2025-12-09.1/report.txt
af854a3a-2127-422b-91ae-364da2661108 http://www.openwall.com/lists/oss-security/2025/12/18/3

Match rules

CPE URI Source package Min version Max version
exim == 4.99 == None

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
exim edge-community 4.99.1-r0 Celeste <cielesti@protonmail.com> possibly vulnerable
exim edge-community 4.99-r2 Celeste <cielesti@protonmail.com> possibly vulnerable
exim edge-community 4.99-r1 Celeste <cielesti@protonmail.com> possibly vulnerable
exim edge-community 4.99-r0 Celeste <cielesti@protonmail.com> possibly vulnerable
exim edge-community 4.98.2-r0 Celeste <cielesti@protonmail.com> possibly vulnerable
exim edge-community 4.98.1-r0 Celeste <cielesti@protonmail.com> possibly vulnerable
exim edge-community 4.98-r0 Celeste <cielesti@protonmail.com> possibly vulnerable
exim edge-community 4.97.1-r0 Celeste <cielesti@protonmail.com> possibly vulnerable
exim edge-community 4.97-r0 Celeste <cielesti@protonmail.com> possibly vulnerable
exim edge-community 4.96.2-r0 Jesse Young <jlyo@jlyo.org> possibly vulnerable
exim edge-community 4.96.1-r0 Jesse Young <jlyo@jlyo.org> possibly vulnerable
exim edge-community 4.96-r2 Jesse Young <jlyo@jlyo.org> possibly vulnerable
exim edge-community 4.96-r1 Jesse Young <jlyo@jlyo.org> possibly vulnerable
exim edge-community 4.96-r0 Jesse Young <jlyo@jlyo.org> possibly vulnerable
exim edge-community 4.95-r0 Jesse Young <jlyo@jlyo.org> possibly vulnerable
exim edge-community 4.94.2-r1 Jesse Young <jlyo@jlyo.org> possibly vulnerable
exim edge-community 4.94.2-r0 Jesse Young <jlyo@jlyo.org> possibly vulnerable
exim edge-community 4.93-r1 None possibly vulnerable
exim edge-community 4.92.2-r1 None possibly vulnerable
exim edge-community 4.92.2-r0 None possibly vulnerable
exim edge-community 4.92.1-r0 None possibly vulnerable
exim edge-community 4.92-r0 None possibly vulnerable
exim edge-community 4.90.1-r0 None possibly vulnerable
exim edge-community 4.89.1-r0 None possibly vulnerable
exim edge-community 4.89-r7 None possibly vulnerable
exim edge-community 4.89-r5 None possibly vulnerable
exim 3.23-community 4.99.1-r0 Celeste <cielesti@protonmail.com> possibly vulnerable
exim 3.22-community 4.98.2-r0 Celeste <cielesti@protonmail.com> possibly vulnerable
exim 3.22-community 4.98-r0 None possibly vulnerable
exim 3.22-community 4.97.1-r0 None possibly vulnerable
exim 3.22-community 4.96.2-r0 None possibly vulnerable
exim 3.22-community 4.96.1-r0 None possibly vulnerable
exim 3.22-community 4.94.2-r0 None possibly vulnerable
exim 3.22-community 4.93-r1 None possibly vulnerable
exim 3.22-community 4.92.2-r1 None possibly vulnerable
exim 3.22-community 4.92.2-r0 None possibly vulnerable
exim 3.22-community 4.92.1-r0 None possibly vulnerable
exim 3.22-community 4.92-r0 None possibly vulnerable
exim 3.22-community 4.90.1-r0 None possibly vulnerable
exim 3.22-community 4.89.1-r0 None possibly vulnerable
exim 3.22-community 4.89-r7 None possibly vulnerable
exim 3.22-community 4.89-r5 None possibly vulnerable