Exim: Critical Update for Denial of Service and Remote Code Execution

heimdal

The Discovery 

Multiple security vulnerabilities were discovered in heimdal, an implementation of the Kerberos 5 authentication protocol (CVE-2019-14870, CVE-2021-3671, CVE-2021-44758 and CVE-2022-3437).

The Impact

These issues could result in denial of service (DoS), information disclosure and remote code execution.

The Fix

A heimdal security update fixes these flaws. We recommend that you upgrade your heimdal packages now to protect the security, integrity and availability of your systems.

Your Related Advisories:

[distro_list_1]

vim

The Discovery 

Multiple memory access violations have been found in vim (CVE-2022-0318, CVE-2022-0392, CVE-2022-0629 and CVE-2022-0696).

The Impact

These vulnerabilities are capable of crashing software, bypassing protection mechanisms, modifying memory, and possible remote execution, among other threats.

The Fix

A vim security update that mitigates these flaws is now available. We recommend that you upgrade your vim packages as soon as possible to protect against attacks and compromise.

Your Related Advisories:

[distro_list_2]

Exim

The Discovery

It was discovered that Exim incorrectly handled certain regular expressions (CVE-2022-3559).

The Impact

An attacker could use this issue to cause Exim to crash, resulting in a denial of service (DoS), or possibly execute arbitrary code.

The Fix

An important update is available for Exim that fixes this bug. We recommend that you update promptly to protect against dangerous exploits and disruptive downtime.

Your Related Advisories:

[distro_list_3]