Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 807619 (CVE-2021-38371) - mail-mta/exim: STARTTLS response injection (buffering) (CVE-2021-38371)
Summary: mail-mta/exim: STARTTLS response injection (buffering) (CVE-2021-38371)
Alias: CVE-2021-38371
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
Whiteboard: B4 [upstream]
Depends on:
Blocks: 807352
  Show dependency tree
Reported: 2021-08-10 20:37 UTC by John Helmert III
Modified: 2021-08-23 21:55 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III gentoo-dev Security 2021-08-10 20:37:59 UTC

The STARTTLS feature in Exim through 4.94.2 allows response injection (buffering) during MTA SMTP sending.

The CVE references this, but it 404s for me: