CVE-2023-42118

Exim libspf2 Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Exim libspf2. Authentication is not required to exploit this vulnerability. 

The specific flaw exists within the parsing of SPF macros. When parsing SPF macros, the process does not properly validate user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the service account.
. Was ZDI-CAN-17578.
Wrap or Wraparound
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
ADJACENT_NETWORK
HIGH
NONE
CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
zdiCNA
7.5 HIGH
CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA-ADPADP
---
---
CVEADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 88%
Debian logo
Debian Releases
Debian Product
Codename
libspf2
bullseye (security)
vulnerable
bullseye
postponed
bookworm
postponed
buster
postponed
sid
vulnerable
trixie
vulnerable
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
exim4
oracular
deferred
noble
deferred
mantic
ignored
lunar
ignored
jammy
deferred
focal
deferred
bionic
deferred
xenial
deferred
trusty
ignored
libspf2
oracular
deferred
noble
deferred
mantic
ignored
lunar
ignored
jammy
deferred
focal
deferred
bionic
deferred
xenial
deferred
trusty
ignored
Common Weakness Enumeration
References
https://www.zerodayinitiative.com/advisories/ZDI-23-1472/
http://www.openwall.com/lists/oss-security/2025/03/28/1
https://www.zerodayinitiative.com/advisories/ZDI-23-1472/