Alerts This Week
Warning Icon 1 1,109
Alerts This Week
Warning Icon 1 1,109

Ubuntu 22.04 LTS Exim4 Moderate Regression CVE-2023-42117

ubuntu
Calendar Grey June 10, 2026
Dist Ubuntu Esm H88
Exim on Ubuntu 22.04 LTS had a regression after security fix USN-6455-1, affecting stability when handling user data.
USN-6455-1 introduced a regression in Exim

Summary

USN-6455-1 introduced a regression in Exim

Software Description:

- exim4: Exim is a mail transport agent

Details:

USN-6455-1 fixed vulnerabilities in Exim. The fix for CVE-2023-42117

introduced a regression on Ubuntu 22.04 LTS that resulted in certain

connections logging a Taint mismatch error. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

It was discovered that Exim incorrectly handled validation of user-supplied

data, which could lead to memory corruption. A remote attacker could

possibly use this issue to execute arbitrary code. (CVE-2023-42117)

It was discovered that Exim incorrectly handled validation of user-supplied

data, which could lead to an out-of-bounds read. An attacker could possibly

use this issue to expose sensitive information. (CVE-2023-42119)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS
  exim4                           4.95-4ubuntu2.10
  exim4-daemon-heavy              4.95-4ubuntu2.10
  exim4-daemon-light              4.95-4ubuntu2.10

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-6455-2

https://ubuntu.com/security/notices/USN-6455-1

https://launchpad.net/bugs/2152830

Severity
important
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-6455-2

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here