CVE-2023-42118
Published: 28 September 2023
[Exim libspf2 Integer Underflow Remote Code Execution Vulnerability]
Notes
| Author | Note |
|---|---|
| eslerm | no security patches available, see ZDI's timeline ZDI claims this is Exim's issue, Exim claims this is libspf2's |
| mdeslaur | as of 2024-04-15, still not enough details from ZDI to know what this CVE is. |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
exim4 Launchpad, Ubuntu, Debian |
bionic |
Deferred
(2024-04-15)
|
| focal |
Deferred
(2024-04-15)
|
|
| jammy |
Deferred
(2024-04-15)
|
|
| lunar |
Ignored
(end of life, was deferred [2024-04-15])
|
|
| mantic |
Deferred
(2024-04-15)
|
|
| noble |
Deferred
(2024-04-15)
|
|
| trusty |
Deferred
(2024-04-15)
|
|
| upstream |
Needs triage
|
|
| xenial |
Deferred
(2024-04-15)
|
|
|
libspf2 Launchpad, Ubuntu, Debian |
bionic |
Deferred
(2024-04-15)
|
| focal |
Deferred
(2024-04-15)
|
|
| jammy |
Deferred
(2024-04-15)
|
|
| lunar |
Ignored
(end of life, was deferred [2024-04-15])
|
|
| mantic |
Deferred
(2024-04-15)
|
|
| noble |
Deferred
(2024-04-15)
|
|
| trusty |
Ignored
(end of standard support)
|
|
| upstream |
Needs triage
|
|
| xenial |
Deferred
(2024-04-15)
|