Severity score: 9.8
Debian Linux: Unauthenticated remote code execution in exim4 (use-after-free in BDAT/CHUNKING handling)
DEBIAN-CVE-2026-45185
Summary
Exim before 4.99.3 has a use-after-free in the code path that parses message bodies sent with the BDAT command (the SMTP CHUNKING extension). It is reachable by an unauthenticated network client and affects builds that use GnuTLS for TLS, which is how Debian's exim4 packages are built. A client that sends a TLS close_notify in the middle of a CHUNKING body and then one more cleartext byte on the same TCP connection can corrupt the heap, and the upstream description rates the outcome as arbitrary code execution in the SMTP daemon. The issue has nothing to do with local privilege escalation or with the Debian package management system; the exposed component is the exim4 SMTP service (exim4-daemon-light or exim4-daemon-heavy). Because Exim advertises CHUNKING by default, any Debian exim4 listener that offers TLS should be treated as affected until the package is updated; the advisory says only "certain GnuTLS configurations", so do not assume a particular TLS setting makes a host safe. Install the fixed exim4 package for your release and make sure the daemon has been restarted so the patched binary is the one accepting connections.
What to do
- Debian 11 (bullseye): update exim4 to 4.94.2-7+deb11u5.
- Debian 12 (bookworm): update exim4 to 4.96-15+deb12u9.
- Debian 13 (trixie): update exim4 to 4.98.2-1+deb13u2.
- Debian 14 (forky): update exim4 to 4.99.2-2.
- The fixes for Debian 11 through 13 are backports, so the package version stays below upstream 4.99.3; compare the installed Debian package version against the values above rather than looking for "4.99.3" in the SMTP banner.
Affected software
| Ecosystem | Vendor | Product | Affected versions | Fix |
|---|---|---|---|---|
| Debian:11 | debian | exim4 | < 4.94.2-7+deb11u5 | upgrade to 4.94.2-7+deb11u5 |
| Debian:12 | debian | exim4 | < 4.96-15+deb12u9 | upgrade to 4.96-15+deb12u9 |
| Debian:13 | debian | exim4 | < 4.98.2-1+deb13u2 | upgrade to 4.98.2-1+deb13u2 |
| Debian:14 | debian | exim4 | < 4.99.2-2 | upgrade to 4.99.2-2 |
Original title
Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS close_notify mid-body during a...
Original description
Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS close_notify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to heap corruption. An unauthenticated network attacker exploiting this vulnerability could execute arbitrary code.
- https://security-tracker.debian.org/tracker/CVE-2026-45185 Vendor Advisory
Published: 12 May 2026 · Updated: 13 May 2026 · First seen: 12 May 2026