Bug#930648: exim4-daemon-heavy: Weird leakage of unrelated data like /etc/aliases into /var/spool/exim4/input/*-H

Bjoern Buerger bbu at pengutronix.de
Mon Jun 17 14:55:58 BST 2019 

Package: exim4-daemon-heavy
Version: 4.92-7
Severity: important

Dear Maintainer,

The following is currently just an observation, as we haven't been able to
reproduce the problem yet. It might be caused by faulty memory on the
affected server but it could also be related to CVE-2019-10149 fixes, which
where applied just before we saw the problem for the first time:

Observations:

* Four days ago, we recognized some frozen Mails in one
  of our exim4 mail queues with error messages like
  "spool format error: size=9934 ***"

* While inspecting the Spool directories, we found unrelated
  data concatenated to all affected /var/spool/exim4/input/*-H
  files. Mostly parts of /etc/aliases (mostly chunks of ~100
  lines, but from different locations in the file)

* What led up to the situation?

  No idea.

  We did update to 4.92-7 from bpo before we saw the problem for
  the first time. The server had ~100 days of uptime and is
  processing a few thousand emails every day, but only a
  handfull seem to be affected by this. We haven't
  been able to reproduce the problem yet.

  We can see the incoming email in our logs

  Example:

  2019-06-13 17:55:22 1hbS4P-0004q8-LL <= linux-usb-owner at vger.kernel.org \
  H=vger.kernel.org [209.132.180.67] P=esmtp K S=9996 DKIM=linaro.org [...]

  The first error message is logged with the same timestamp:

  2019-06-13 17:55:22 1hbS4P-0004q8-LL Format error in spool file 1hbS4P-0004q8-LL-H: size=9934

If anyone has seen something like this before, I'd really appreceate
a pointer to some more information :-)

With kind regards,
Bjørn

*** End of the template - remove these template lines ***


-- System Information:
Debian Release: 9.9
  APT prefers stable-updates
  APT policy: (990, 'stable-updates'), (990, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-0.bpo.4-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

More information about the Pkg-exim4-maintainers mailing list