[gentoo-announce] [ GLSA 201709-19 ] Exim: Local privilege escalation - gentoo-announce

From:	Aaron Bauman <bman@g.o>
To:	gentoo-announce@l.g.o
Subject:	[gentoo-announce] [ GLSA 201709-19 ] Exim: Local privilege escalation
Date:	Sun, 24 Sep 2017 15:53:50
Message-Id:	`1738199.J34WelJr3Y@localhost.localdomain`

1

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

2

Gentoo Linux Security Advisory                           GLSA 201709-19

3

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

4

                                           https://security.gentoo.org/

5

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

6

7

 Severity: Normal

8

    Title: Exim: Local privilege escalation

9

     Date: September 24, 2017

10

     Bugs: #622212

11

       ID: 201709-19

12

13

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

14

15

Synopsis

16

========

17

18

A vulnerability in Exim may allow local users to gain root privileges.

19

20

Background

21

==========

22

23

Exim is a message transfer agent (MTA) developed at the University of

24

Cambridge for use on Unix systems connected to the Internet.

25

26

Affected packages

27

=================

28

29

    -------------------------------------------------------------------

30

     Package              /     Vulnerable     /            Unaffected

31

    -------------------------------------------------------------------

32

  1  mail-mta/exim               < 4.89-r1                 >= 4.89-r1 

33

34

Description

35

===========

36

37

Exim supports the use of multiple "-p" command line arguments causing a

38

memory leak. This could lead to a stack-clash in user-space and as

39

result the attacker can, "clash" or "smash" the stack or another memory

40

region, or "jump" over the stack guard-page.

41

42

Impact

43

======

44

45

A local attacker could obtain root privileges.

46

47

Workaround

48

==========

49

50

There is no known workaround at this time.

51

52

Resolution

53

==========

54

55

All Exim users should upgrade to the latest version:

56

57

  # emerge --sync

58

  # emerge --ask --oneshot --verbose ">=mail-mta/exim-4.89-r1"

59

60

References

61

==========

62

63

[ 1 ] CVE-2017-1000369

64

      https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-1000369

65

66

Availability

67

============

68

69

This GLSA and any updates to it are available for viewing at

70

the Gentoo Security Website:

71

72

 https://security.gentoo.org/glsa/201709-19

73

74

Concerns?

75

=========

76

77

Security is a primary focus of Gentoo Linux and ensuring the

78

confidentiality and security of our users' machines is of utmost

79

importance to us. Any security concerns should be addressed to

80

security@g.o or alternatively, you may file a bug at

81

https://bugs.gentoo.org.

82

83

License

84

=======

85

86

Copyright 2017 Gentoo Foundation, Inc; referenced text

87

belongs to its owner(s).

88

89

The contents of this document are licensed under the

90

Creative Commons - Attribution / Share Alike license.

91

92

http://creativecommons.org/licenses/by-sa/2.5

Gentoo Archives: gentoo-announce

Attachments

1	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2	Gentoo Linux Security Advisory GLSA 201709-19
3	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4	https://security.gentoo.org/
5	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
6
7	Severity: Normal
8	Title: Exim: Local privilege escalation
9	Date: September 24, 2017
10	Bugs: #622212
11	ID: 201709-19
12
13	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
14
15	Synopsis
16	========
17
18	A vulnerability in Exim may allow local users to gain root privileges.
19
20	Background
21	==========
22
23	Exim is a message transfer agent (MTA) developed at the University of
24	Cambridge for use on Unix systems connected to the Internet.
25
26	Affected packages
27	=================
28
29	-------------------------------------------------------------------
30	Package / Vulnerable / Unaffected
31	-------------------------------------------------------------------
32	1 mail-mta/exim < 4.89-r1 >= 4.89-r1
33
34	Description
35	===========
36
37	Exim supports the use of multiple "-p" command line arguments causing a
38	memory leak. This could lead to a stack-clash in user-space and as
39	result the attacker can, "clash" or "smash" the stack or another memory
40	region, or "jump" over the stack guard-page.
41
42	Impact
43	======
44
45	A local attacker could obtain root privileges.
46
47	Workaround
48	==========
49
50	There is no known workaround at this time.
51
52	Resolution
53	==========
54
55	All Exim users should upgrade to the latest version:
56
57	# emerge --sync
58	# emerge --ask --oneshot --verbose ">=mail-mta/exim-4.89-r1"
59
60	References
61	==========
62
63	[ 1 ] CVE-2017-1000369
64	https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-1000369
65
66	Availability
67	============
68
69	This GLSA and any updates to it are available for viewing at
70	the Gentoo Security Website:
71
72	https://security.gentoo.org/glsa/201709-19
73
74	Concerns?
75	=========
76
77	Security is a primary focus of Gentoo Linux and ensuring the
78	confidentiality and security of our users' machines is of utmost
79	importance to us. Any security concerns should be addressed to
80	security@g.o or alternatively, you may file a bug at
81	https://bugs.gentoo.org.
82
83	License
84	=======
85
86	Copyright 2017 Gentoo Foundation, Inc; referenced text
87	belongs to its owner(s).
88
89	The contents of this document are licensed under the
90	Creative Commons - Attribution / Share Alike license.
91
92	http://creativecommons.org/licenses/by-sa/2.5