Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 938214 (CVE-2024-39929) - <mail-mta/exim-4.97.1-r6: Incorrect parsing of multiline rfc2231 header filename
Summary: <mail-mta/exim-4.97.1-r6: Incorrect parsing of multiline rfc2231 header filename
Status: CONFIRMED
Alias: CVE-2024-39929
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: Gentoo Security
URL:
Whiteboard: B4 [glsa?]
Keywords:
Depends on: 941697
Blocks:
  Show dependency tree
 
Reported: 2024-08-20 06:40 UTC by Dmitry A. Bakshaev
Modified: 2024-11-27 06:50 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Dmitry A. Bakshaev 2024-08-20 06:40:35 UTC
https://nvd.nist.gov/vuln/detail/CVE-2024-39929:
"Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mime_filename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users."

https://bugs.exim.org/show_bug.cgi?id=3099
Comment 1 Larry the Git Cow gentoo-dev 2024-08-21 07:40:28 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1097635d14eeaaa52eeda75da3257a08c27bcf30

commit 1097635d14eeaaa52eeda75da3257a08c27bcf30
Author:     Fabian Groffen <grobian@gentoo.org>
AuthorDate: 2024-08-21 07:39:00 +0000
Commit:     Fabian Groffen <grobian@gentoo.org>
CommitDate: 2024-08-21 07:39:47 +0000

    mail-mta/exim-4.97.1-r6: CVE-2024-39929
    
    Bug: https://bugs.gentoo.org/938214
    Signed-off-by: Fabian Groffen <grobian@gentoo.org>

 mail-mta/exim/exim-4.97.1-r6.ebuild                | 637 +++++++++++++++++++++
 .../files/exim-4.97.1-CVE-2024-39929-part1.patch   | 111 ++++
 .../files/exim-4.97.1-CVE-2024-39929-part2.patch   | 247 ++++++++
 3 files changed, 995 insertions(+)
Comment 2 Jonas Stein gentoo-dev 2024-08-25 11:49:05 UTC
Fixed in mail-mta/exim-4.98
Comment 3 Fabian Groffen gentoo-dev 2024-09-02 08:26:23 UTC
Fixbackported in mail-mta/exim-4.97.1-r6, which is running stable.  4.98 is masked due to segfaults in helper scripts.
Comment 4 Larry the Git Cow gentoo-dev 2024-11-26 07:48:32 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=27ed5e48f7fcdd986681da73ae9af15de4f53039

commit 27ed5e48f7fcdd986681da73ae9af15de4f53039
Author:     Fabian Groffen <grobian@gentoo.org>
AuthorDate: 2024-11-26 07:47:56 +0000
Commit:     Fabian Groffen <grobian@gentoo.org>
CommitDate: 2024-11-26 07:48:30 +0000

    mail-mta/exim: cleanup vulnerable
    
    Bug: https://bugs.gentoo.org/938214
    Signed-off-by: Fabian Groffen <grobian@gentoo.org>

 mail-mta/exim/exim-4.97.1-r5.ebuild | 634 ------------------------------------
 mail-mta/exim/exim-4.97.1.ebuild    | 633 -----------------------------------
 2 files changed, 1267 deletions(-)