Debian bullseye
Source: Debian Security Tracker
exim4→ fixed in4.94.2-7+deb11u4urgency: not yet assignedsudo apt-get install --only-upgrade -y exim4
Back to CVE digest
CVE-2022-3559 · cross-distro fix matrix
CVE-2022-3559: A vulnerability was found in Exim and classified as problematic. This issue affects some unknown processing of the component Regex Handler. The manipulation leads to use after free. The name of the patch is 4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2. It is recommended to apply a patch to fix this issu
Affects 3 Linux releases across 3 (distro × package) combinations.
Fix per ecosystem
Each block below is a distro release where CVE-2022-3559 has a known fix. Run the listed command on that distro to remediate.
Debian bookworm
Source: Debian Security Tracker
exim4→ fixed in4.96-4urgency: not yet assignedsudo apt-get install --only-upgrade -y exim4
Debian trixie
Source: Debian Security Tracker
exim4→ fixed in4.96-4urgency: not yet assignedsudo apt-get install --only-upgrade -y exim4
Are YOU affected by CVE-2022-3559?
5-second check on your actual server. Reads /etc/os-release, uname -r, and the distro's package manager; matches against this same cross-source index live.
curl https://mindsparkstack.com/scan.sh | bash
Continuous monitoring beats manual checking
CVE-2022-3559dropped silently in your distro's update channel. Every new CVE is the same story. StackPatch runs the matcher hourly against all 5 sources and emails the exact remediation when something new applies to one of your servers. $99 lifetime, 50 founder seats, 30-day refund.
See StackPatch ($99 lifetime)