New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution

2026-05-12

1 min read

by info@thehackernews.com (The Hacker News)

Receive daily AI-curated summaries of engineering articles from top tech companies worldwide.

A critical use-after-free vulnerability (CVE-2026-45185) in Exim's BDAT message handling affects GnuTLS-based builds.

•Triggered when TLS close_notify alert precedes BDAT completion, followed by a cleartext byte on the same connection
•Results in writing to freed memory during TLS shutdown, causing heap corruption and potential code execution
•Affects Exim versions 4.97-4.99.2 using GnuTLS; OpenSSL builds are unaffected
•Requires only TLS connection capability and CHUNKING/BDAT SMTP extension access
•Fixed in version 4.99.3 by resetting input processing stack when TLS close notification arrives

This summary was automatically generated by AI based on the original article and may not be fully accurate.

Related Articles