Bug 1821773 (CVE-2020-8015) - CVE-2020-8015 exim: Symlink Following could result in privilege escalation
Summary: CVE-2020-8015 exim: Symlink Following could result in privilege escalation
Keywords:
Status: CLOSED WONTFIX
Alias: CVE-2020-8015
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1821776 1821775
Blocks: 1821774
TreeView+ depends on / blocked
 
Reported: 2020-04-07 15:18 UTC by Michael Kaplan
Modified: 2020-04-07 18:46 UTC (History)
4 users (show)

Fixed In Version: exim 4.93.0.4-3.1
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2020-04-07 18:46:48 UTC
Embargoed:

Attachments (Terms of Use)

Description Michael Kaplan 2020-04-07 15:18:05 UTC 
A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim allows local attackers to escalate from user mail to root.
Comment 1 Michael Kaplan 2020-04-07 15:19:00 UTC 
Created exim tracking bugs for this issue:

Affects: epel-all [bug 1821776]
Affects: fedora-all [bug 1821775]
Note You need to log in before you can comment on or make changes to this bug.