Ubuntu USN · USN-8382-1

Exim vulnerabilities

Published: Wed, 03 Jun 2026 16:29

CVE-2026-40687CVE-2026-45185CVE-2026-40685CVE-2026-40686CVE-2023-51766CVE-2026-48840

Summary

Several security issues were fixed in Exim.

Details

Timo Longin discovered that Exim incorrectly handled certain SMTP messages in PIPELINING/CHUNKING configurations. A remote attacker could possibly use this issue to perform SMTP smuggling. This issue only affected Ubuntu 14.04 LTS. (CVE-2023-51766) It was discovered that Exim incorrectly handled certain malformed JSON data in headers. A remote attacker could possibly use this issue to crash Exim, resulting in a denial of service, or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS. (CVE-2026-40685) It was discovered that Exim incorrectly handled certain malformed UTF-8 headers. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 20.04 LTS. (CVE-2026-40686) It was discovered that Exim incorrectly handled certain SPA resources. A remote attacker could possibly use this issue to crash Exim, resulting in a denial of service, or obtain sensitive information. This issue only affected Ubuntu 20.04 LTS. (CVE-2026-40687) It was discovered that Exim incorrectly handled certain CHUNKING transfers in some GnuTLS configurations. A remote attacker could possibly use this issue to crash Exim, resulting in a denial of service, or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS. (CVE-2026-45185) Warisjeet Singh discovered that Exim incorrectly handled certain proxy connections in builds with proxy support enabled. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2026-48840)

Recommended actions per Ubuntu release

StackPatch playbook auto-generated per release codename and per affected package.

Ubuntu bionic

exim4→4.90.1-1ubuntu1.10+esm6apt_upgrade
Standard apt upgrade. Install 4.90.1-1ubuntu1.10+esm6 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y exim4
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
exim4→4.90.1-1ubuntu1.10+esm6apt_upgrade
Standard apt upgrade. Install 4.90.1-1ubuntu1.10+esm6 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y exim4
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
exim4-base→4.90.1-1ubuntu1.10+esm6apt_upgrade
Standard apt upgrade. Install 4.90.1-1ubuntu1.10+esm6 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y exim4-base
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
exim4-config→4.90.1-1ubuntu1.10+esm6apt_upgrade
Standard apt upgrade. Install 4.90.1-1ubuntu1.10+esm6 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y exim4-config
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
exim4-daemon-heavy→4.90.1-1ubuntu1.10+esm6apt_upgrade
Standard apt upgrade. Install 4.90.1-1ubuntu1.10+esm6 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y exim4-daemon-heavy
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
exim4-daemon-light→4.90.1-1ubuntu1.10+esm6apt_upgrade
Standard apt upgrade. Install 4.90.1-1ubuntu1.10+esm6 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y exim4-daemon-light
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
exim4-dev→4.90.1-1ubuntu1.10+esm6apt_upgrade
Standard apt upgrade. Install 4.90.1-1ubuntu1.10+esm6 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y exim4-dev
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
eximon4→4.90.1-1ubuntu1.10+esm6apt_upgrade
Standard apt upgrade. Install 4.90.1-1ubuntu1.10+esm6 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y eximon4
```
Most apt upgrades restart their service automatically. needrestart lists anything else.

Ubuntu focal

exim4→4.93-13ubuntu1.12+esm1apt_upgrade
Standard apt upgrade. Install 4.93-13ubuntu1.12+esm1 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y exim4
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
exim4→4.93-13ubuntu1.12+esm1apt_upgrade
Standard apt upgrade. Install 4.93-13ubuntu1.12+esm1 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y exim4
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
exim4-base→4.93-13ubuntu1.12+esm1apt_upgrade
Standard apt upgrade. Install 4.93-13ubuntu1.12+esm1 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y exim4-base
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
exim4-config→4.93-13ubuntu1.12+esm1apt_upgrade
Standard apt upgrade. Install 4.93-13ubuntu1.12+esm1 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y exim4-config
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
exim4-daemon-heavy→4.93-13ubuntu1.12+esm1apt_upgrade
Standard apt upgrade. Install 4.93-13ubuntu1.12+esm1 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y exim4-daemon-heavy
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
exim4-daemon-light→4.93-13ubuntu1.12+esm1apt_upgrade
Standard apt upgrade. Install 4.93-13ubuntu1.12+esm1 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y exim4-daemon-light
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
exim4-dev→4.93-13ubuntu1.12+esm1apt_upgrade
Standard apt upgrade. Install 4.93-13ubuntu1.12+esm1 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y exim4-dev
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
eximon4→4.93-13ubuntu1.12+esm1apt_upgrade
Standard apt upgrade. Install 4.93-13ubuntu1.12+esm1 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y eximon4
```
Most apt upgrades restart their service automatically. needrestart lists anything else.

Ubuntu trusty

exim4→4.82-3ubuntu2.4+esm9apt_upgrade
Standard apt upgrade. Install 4.82-3ubuntu2.4+esm9 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y exim4
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
exim4→4.82-3ubuntu2.4+esm9apt_upgrade
Standard apt upgrade. Install 4.82-3ubuntu2.4+esm9 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y exim4
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
exim4-base→4.82-3ubuntu2.4+esm9apt_upgrade
Standard apt upgrade. Install 4.82-3ubuntu2.4+esm9 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y exim4-base
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
exim4-config→4.82-3ubuntu2.4+esm9apt_upgrade
Standard apt upgrade. Install 4.82-3ubuntu2.4+esm9 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y exim4-config
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
exim4-daemon-heavy→4.82-3ubuntu2.4+esm9apt_upgrade
Standard apt upgrade. Install 4.82-3ubuntu2.4+esm9 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y exim4-daemon-heavy
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
exim4-daemon-light→4.82-3ubuntu2.4+esm9apt_upgrade
Standard apt upgrade. Install 4.82-3ubuntu2.4+esm9 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y exim4-daemon-light
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
exim4-dev→4.82-3ubuntu2.4+esm9apt_upgrade
Standard apt upgrade. Install 4.82-3ubuntu2.4+esm9 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y exim4-dev
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
eximon4→4.82-3ubuntu2.4+esm9apt_upgrade
Standard apt upgrade. Install 4.82-3ubuntu2.4+esm9 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y eximon4
```
Most apt upgrades restart their service automatically. needrestart lists anything else.

Ubuntu xenial

exim4→4.86.2-2ubuntu2.6+esm9apt_upgrade
Standard apt upgrade. Install 4.86.2-2ubuntu2.6+esm9 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y exim4
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
exim4→4.86.2-2ubuntu2.6+esm9apt_upgrade
Standard apt upgrade. Install 4.86.2-2ubuntu2.6+esm9 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y exim4
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
exim4-base→4.86.2-2ubuntu2.6+esm9apt_upgrade
Standard apt upgrade. Install 4.86.2-2ubuntu2.6+esm9 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y exim4-base
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
exim4-config→4.86.2-2ubuntu2.6+esm9apt_upgrade
Standard apt upgrade. Install 4.86.2-2ubuntu2.6+esm9 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y exim4-config
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
exim4-daemon-heavy→4.86.2-2ubuntu2.6+esm9apt_upgrade
Standard apt upgrade. Install 4.86.2-2ubuntu2.6+esm9 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y exim4-daemon-heavy
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
exim4-daemon-light→4.86.2-2ubuntu2.6+esm9apt_upgrade
Standard apt upgrade. Install 4.86.2-2ubuntu2.6+esm9 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y exim4-daemon-light
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
exim4-dev→4.86.2-2ubuntu2.6+esm9apt_upgrade
Standard apt upgrade. Install 4.86.2-2ubuntu2.6+esm9 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y exim4-dev
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
eximon4→4.86.2-2ubuntu2.6+esm9apt_upgrade
Standard apt upgrade. Install 4.86.2-2ubuntu2.6+esm9 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y eximon4
```
Most apt upgrades restart their service automatically. needrestart lists anything else.

Are YOU affected by USN-8382-1?

5-second check on your actual server. Reads /etc/os-release, uname -r, and dpkg-query; matches against the live USN + Debian Security Tracker feeds; tells you whether USN-8382-1 (and any other live CVE) applies. Anonymous, no signup.

curl https://mindsparkstack.com/scan.sh | bash

Form-based quickscan Read the bash source first

Want this automated for your servers?

StackPatch runs this match against YOUR installed packages every hour

Free 1-server / $99 lifetime founder seat (50 only) / $19+/mo monthly. Indie pricing.

Buy lifetime →See StackPatch →Live audit log →