Candidate: CVE-2021-33912
CRD: unknown
PublicDate: 2022-01-19 18:15:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33912
 https://github.com/shevek/libspf2/commit/28faf4624a6a371b11afdb9820078d3b0ee3803d
Description:
 libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might
 allow remote attackers to execute arbitrary code (via an unauthenticated
 e-mail message from anywhere on the Internet) with a crafted SPF DNS
 record, because of incorrect sprintf usage in SPF_record_expand_data in
 spf_expand.c. The vulnerable code may be part of the supply chain of a
 site's e-mail infrastructure (e.g., with additional configuration, Exim can
 use libspf2; the Postfix web site links to unofficial patches for use of
 libspf2 with Postfix; older versions of spfquery relied on libspf2) but
 most often is not.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: medium
Discovered-by:
Assigned-to: pfsmorigo
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H [9.8 CRITICAL]


Patches_libspf2:
upstream_libspf2: needs-triage
bionic_libspf2: needed
focal_libspf2: needed
hirsute_libspf2: ignored (reached end-of-life)
impish_libspf2: needed
jammy_libspf2: needs-triage
devel_libspf2: needs-triage