Fedora: Exim Critical Remote Heap Corruption CVE-2025-67896 2026-223569b08a
fedora
January 20, 2026
This is new exim version fixing CVE-2025-67896.
Summary
Exim is a message transfer agent (MTA) developed at the University of
Cambridge for use on Unix systems connected to the Internet. It is
freely available under the terms of the GNU General Public Licence. In
style it is similar to Smail 3, but its facilities are more
general. There is a great deal of flexibility in the way mail can be
routed, and there are extensive facilities for checking incoming
mail. Exim can be installed in place of sendmail, although the
configuration of exim is quite different to that of sendmail.
Update Information:
This is new exim version fixing CVE-2025-67896.
Topics Covered
Change Log
* Sat Jan 3 2026 Jaroslav \u0160karvada
References
[ 1 ] Bug #2423180 - exim-4.99.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2423180
[ 2 ] Bug #2423183 - CVE-2025-26794 & CWE-122, CWE-787, CWE-843 in Exim 4.99
https://bugzilla.redhat.com/show_bug.cgi?id=2423183
[ 3 ] Bug #2430489 - CVE-2025-67896 exim: Exim: Remote heap corruption vulnerability [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2430489
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-223569b08a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: exim
Product: Fedora 43
Version: 4.99.1
Release: 1.fc43
Summary: The exim mail transfer agent
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!