The Exim project has announced a potentially (locally-?)exploitable UAF in versions 4.96 through 4.98.1.
Bulletin posted to <https://exim.org/static/doc/security/CVE-2025-30232.txt>: > # CVE 2025-30232 > ## Timeline > - 2025/03/13 Report received > - 2025/03/18 ACK sent to reporter > - 2025/03/19 CVE assigned > - 2025/03/19 Distros heads-up mail, to <dist...@vs.openwall.org> and > <exim-maintain...@lists.exim.org> > - 2025/03/21 14:00 UTC Security Release available for (only) Distros > - 2025/03/25 14:00 UTC Public heads-up notification, to > <exim-annou...@lists.exim.org> > - 2025/03/26 14:00 UTC Published the changes on > https://code.exim.org/exim/exim.git > ## Details > A use-after-free is possible, with potential for privilege escalation. > The following conditions have to be met for being vulnerable: > - Exim Version > - 4.96 > - 4.97 > - 4.98 > - 4.98.1 > - Command-line access > ## Acknowledgements > Thanks to Trend Micro for reporting this issue in a responsible manner. > - Ref: ZDI-CAN-26250 > - Email: <zdi-disclosu...@trendmicro.com> At least Debian bookworm ships with 4.96. Security tracker lists bookworm as vulnerable with version 4.96-15+deb12u6, but apt upgrade just now installed 4.96-15+deb12u7 containing a binary dated 4 days ago from the security repository. -Valtteri