CVE-2026-40684
In short
Exim email servers using musl libc can crash when receiving malformed DNS data in reverse lookup records, disrupting email delivery for that connection.
Technical detail
A vulnerability in Exim versions before 4.99.2 on musl-based systems allows remote attackers to trigger a denial of service by sending crafted DNS PTR records that exploit a dn_expand handling flaw in octal printing, causing the connection process to crash without requiring authentication.
Summary generated and translated by AI from the official description.
In Exim before 4.99.2, on systems using musl libc (not glibc), an attacker can crash the connection instance when malformed DNS data is present in PTR records. This is caused by a dn_expand oddity in octal printing.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
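An added exposure check for this advisory (example code, not part of the Exim advisory or the Exim project): it encodes the affected condition stated above, Exim older than 4.99.2 linked against musl libc, as a pure function you can test, and optionally probes the local host. The live probe assumes `exim -bV` prints a line starting with "Exim version X.Y.Z" and that `ldd` on the exim binary names the musl loader; both are assumptions about the host, not facts from the advisory.

```shell
#!/bin/sh
# Exposure check for CVE-2026-40684 (added example, not from the Exim advisory).
# Affected: Exim before 4.99.2 when built against musl libc; glibc builds are unaffected.

# version_lt A B: succeed (return 0) when dotted version A is older than B.
# Missing fields count as 0 and non-numeric suffixes such as "-RC1" are ignored.
version_lt() {
    i=1
    while [ "$i" -le 3 ]; do
        a=$(printf '%s.0.0\n' "$1" | cut -d. -f"$i" | sed 's/[^0-9].*//')
        b=$(printf '%s.0.0\n' "$2" | cut -d. -f"$i" | sed 's/[^0-9].*//')
        a=${a:-0}; b=${b:-0}
        [ "$a" -lt "$b" ] && return 0
        [ "$a" -gt "$b" ] && return 1
        i=$((i + 1))
    done
    return 1    # versions are equal
}

# exim_exposed VERSION LIBC: succeed when this build is affected by CVE-2026-40684.
exim_exposed() {
    case "$2" in
        musl) version_lt "$1" 4.99.2 ;;
        *)    return 1 ;;          # glibc (or anything else) is not affected
    esac
}

# Live probe of the local host (assumed formats, see lead-in).
exim_libc() {
    if ldd "$(command -v exim)" 2>/dev/null | grep -qi musl; then echo musl; else echo glibc; fi
}
exim_version() {
    exim -bV 2>/dev/null | sed -n 's/^Exim version \([0-9][0-9.]*\).*/\1/p' | head -n 1
}

if command -v exim >/dev/null 2>&1; then
    v=$(exim_version); l=$(exim_libc)
    if exim_exposed "$v" "$l"; then
        echo "Exim $v on $l: affected by CVE-2026-40684, upgrade to 4.99.2 or later"
    else
        echo "Exim $v on $l: not affected by CVE-2026-40684"
    fi
fi
```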
Affected products
Exim · Exim
References
https://code.exim.org/exim/exim/commit/628bbaca7672748d941a12e7cd5f0122a4e18c81
https://exim.org/static/doc/security/cve-2026-04.1/CVE2026-40684.assessment
https://exim.org/static/doc/security/CVE-2026-40684.txt
https://www.openwall.com/lists/oss-security/2026/04/30/21
http://www.openwall.com/lists/oss-security/2026/05/01/11