Exim Denial-of-Service Vulnerability in musl libc

Vulnerability

A denial-of-service vulnerability has been identified in Exim versions prior to 4.99.2, specifically on systems where Exim is built against musl libc instead of glibc. The crash is triggered when Exim processes malformed data in a DNS PTR record, taking down the Exim connection instance that handled the lookup. The behavior is linked to an oddity in how musl libc handles octal printing.

Impact

Exim can crash while processing DNS data, disrupting email delivery and potentially causing a temporary denial of service on the mail server.

Reproduction

To reproduce this vulnerability, Exim must be built and run with musl libc. Once the Exim daemon is active and accepting connections, an attacker can send a crafted DNS PTR record that includes malformed data. The Exim process will crash when it attempts to process the malicious DNS information.

Remediation

Users can upgrade to Exim version 4.99.2, which is available as a tarball from the Exim FTP site or directly from Git. Instructions for verifying the release signature are also provided.
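The affected set is the intersection of two conditions, Exim older than 4.99.2 and a musl-linked build, so a quick inventory check needs both. The script below is an added example, not code from the advisory or from the Exim project. It assumes that the first line of `exim -bV` reads "Exim version X.Y.Z ..." and that `ldd` on a musl system mentions `ld-musl` in its output (a heuristic); both are assumptions of this example, and the version-comparison helper is written so that it can be exercised offline with constructed inputs.

```shell
#!/bin/sh
# Added example (not from the advisory): does this host's Exim build fall in
# the affected set, i.e. version < 4.99.2 AND linked against musl libc?

# version_lt A B: exit 0 when dotted version A sorts numerically before B.
# A missing component counts as 0, so 4.99 compares equal to 4.99.0.
version_lt() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        ah="${a%%.*}"; bh="${b%%.*}"                 # leading component of each
        if [ "$a" = "$ah" ]; then a=""; else a="${a#*.}"; fi
        if [ "$b" = "$bh" ]; then b=""; else b="${b#*.}"; fi
        ah=$(( ${ah:-0} + 0 )); bh=$(( ${bh:-0} + 0 ))
        if [ "$ah" -lt "$bh" ]; then return 0; fi
        if [ "$ah" -gt "$bh" ]; then return 1; fi
    done
    return 1                                         # versions are equal
}

# exim_affected VERSION LIBC: exit 0 when the pair is in the affected set
# described by the advisory (glibc builds are not affected at any version).
exim_affected() {
    [ "$2" = "musl" ] || return 1
    version_lt "$1" "4.99.2"
}

# detect_libc PATH: prints "musl" or "glibc" (assumed heuristic on ldd output).
detect_libc() {
    if ldd "$1" 2>/dev/null | grep -q 'ld-musl'; then echo musl; else echo glibc; fi
}

# exim_version: prints the version parsed from `exim -bV` (assumed format
# "Exim version X.Y.Z ..."), or fails when no exim binary is on PATH.
exim_version() {
    command -v exim >/dev/null 2>&1 || return 1
    exim -bV 2>/dev/null | sed -n 's/^Exim version \([0-9][0-9.]*\).*/\1/p' | head -n 1
}

# Live check, only performed when an Exim binary is present on this host.
if ver=$(exim_version); then
    libc=$(detect_libc "$(command -v exim)")
    if exim_affected "$ver" "$libc"; then
        echo "Exim $ver on $libc: affected, upgrade to 4.99.2"
    else
        echo "Exim $ver on $libc: not in the affected set"
    fi
fi
```

Run it on each mail host as the Exim user or root; a host reporting "affected" should be scheduled for the 4.99.2 upgrade, and one reporting a glibc build is outside the advisory's scope regardless of version.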

Added: Apr 30, 2026, 10:25 PM
Updated: Apr 30, 2026, 10:25 PM

Vulnerability Rating

Custom Algorithm

spread: 2.2
impact: 0.6
exploitability: 8.9
remediation: 7.7
relevance: 7.1
threat: 4.8
urgency: 2.9
incentive: 8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.