Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 938214 (CVE-2024-39929)

Summary: <mail-mta/exim-4.97.1-r6: Incorrect parsing of multiline rfc2231 header filename
Product: Gentoo Security Reporter: Dmitry A. Bakshaev <dab1818>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: CONFIRMED ---    
Severity: normal CC: bertrand, grobian, jstein
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
See Also: https://bugs.gentoo.org/show_bug.cgi?id=938473
Whiteboard: B4 [glsa?]
Package list:
Runtime testing required: ---
Bug Depends on: 941697    
Bug Blocks:    

Description Dmitry A. Bakshaev 2024-08-20 06:40:35 UTC 
https://nvd.nist.gov/vuln/detail/CVE-2024-39929:
"Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mime_filename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users."

https://bugs.exim.org/show_bug.cgi?id=3099
Comment 1 Larry the Git Cow gentoo-dev 2024-08-21 07:40:28 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1097635d14eeaaa52eeda75da3257a08c27bcf30

commit 1097635d14eeaaa52eeda75da3257a08c27bcf30
Author:     Fabian Groffen <grobian@gentoo.org>
AuthorDate: 2024-08-21 07:39:00 +0000
Commit:     Fabian Groffen <grobian@gentoo.org>
CommitDate: 2024-08-21 07:39:47 +0000

    mail-mta/exim-4.97.1-r6: CVE-2024-39929
    
    Bug: https://bugs.gentoo.org/938214
    Signed-off-by: Fabian Groffen <grobian@gentoo.org>

 mail-mta/exim/exim-4.97.1-r6.ebuild                | 637 +++++++++++++++++++++
 .../files/exim-4.97.1-CVE-2024-39929-part1.patch   | 111 ++++
 .../files/exim-4.97.1-CVE-2024-39929-part2.patch   | 247 ++++++++
 3 files changed, 995 insertions(+)
Comment 2 Jonas Stein gentoo-dev 2024-08-25 11:49:05 UTC 
Fixed in mail-mta/exim-4.98
Comment 3 Fabian Groffen gentoo-dev 2024-09-02 08:26:23 UTC 
Fixbackported in mail-mta/exim-4.97.1-r6, which is running stable.  4.98 is masked due to segfaults in helper scripts.
Comment 4 Larry the Git Cow gentoo-dev 2024-11-26 07:48:32 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=27ed5e48f7fcdd986681da73ae9af15de4f53039

commit 27ed5e48f7fcdd986681da73ae9af15de4f53039
Author:     Fabian Groffen <grobian@gentoo.org>
AuthorDate: 2024-11-26 07:47:56 +0000
Commit:     Fabian Groffen <grobian@gentoo.org>
CommitDate: 2024-11-26 07:48:30 +0000

    mail-mta/exim: cleanup vulnerable
    
    Bug: https://bugs.gentoo.org/938214
    Signed-off-by: Fabian Groffen <grobian@gentoo.org>

 mail-mta/exim/exim-4.97.1-r5.ebuild | 634 ------------------------------------
 mail-mta/exim/exim-4.97.1.ebuild    | 633 -----------------------------------
 2 files changed, 1267 deletions(-)