CVE-2022-3620 – Exim DMARC dmarc.c dmarc_dns_lookup use after free
https://notcve.org/view.php?id=CVE-2022-3620
A vulnerability was found in Exim and classified as problematic. This issue affects the function dmarc_dns_lookup of the file dmarc.c of the component DMARC Handler. The manipulation leads to use after free. The attack may be initiated remotely. The name of the patch is 12fb3842f81bcbd4a4519d5728f2d7e0e3ca1445. • https://git.exim.org/exim.git/commit/12fb3842f81bcbd4a4519d5728f2d7e0e3ca1445 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/667V3ADXQ2MHUJMSXA3VZZEWLVSCIBEU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EIH4W5R7SHTUEQFWWKB4TUO5YFZX64KV https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XV2K2AWF62FSJ64B5CUZPFT4COK7P5PM https://vuldb.com/?id.211919 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-416: Use After Free •