CNNVD-202510-342 Information

CNNVD ID

CNNVD-202510-342

Related CVE

CVE-2025-53881

• CNNVD Published: 2025-10-02

Description (Chinese)

Exim是Exim开源的一个运行于Unix系统中的开源消息传送代理（MTA），它主要负责邮件的路由、转发和投递。 exim 4.98.2-lp156.248.1之前版本存在安全漏洞，该漏洞源于logrotate配置存在符号链接跟随问题，可能导致权限提升。

Description (English)

Exim is an open-source transmission agent (MTA) operating in the Unix system, which is primarily responsible for the route, forwarding and delivery of mail. Exim 4.98.2-lp 156.248.1 had a security loophole, which stemmed from a problem with logrotate configuration with a symbol link, which could lead to an increase in privileges.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Exim

Published

2025-10-02

Last Modified

2026-02-24

References

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-53881 https://vigilance.fr/vulnerability/SUSE-exim-privilege-escalation-via-Logrotate-Configuration-48596

Patch

https://www.exim.org/