Exim maintainers released an urgent security update, Exim version 4.92.3, to address a critical security flaw that could allow a remote attacker to potentially execute malicious code on targeted servers. The flaw is a heap-based buffer overflow, tracked as CVE-2019-16928, that resides in string_vformat (string.c). An attacker could exploit the flaw using an extraordinarily long EHLO string to crash the Exim process that is receiving the message.
Source: https://securityaffairs.co/wordpress/91914/hacking/exim-critical-flaw.html
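
A defender-side check tied to the trigger described above, as an added example that is not from the article or the Exim project: it scans captured client-side SMTP bytes for EHLO/HELO lines that exceed the RFC 5321 size limits (512-octet command line, 255-octet domain). The function name and the sample stream are constructed for illustration, and the RFC limits are used as a heuristic, not as the length needed to reach the flaw, which the article does not state.

```python
# Added example: flag oversized EHLO/HELO commands in captured SMTP client bytes.
# Limits are from RFC 5321 section 4.5.3.1; the sample stream is constructed.
import re

MAX_COMMAND_LINE = 512   # octets, command word and CRLF included
MAX_DOMAIN = 255         # octets, the EHLO/HELO argument
GREETING = re.compile(rb"^(EHLO|HELO)(?:[ \t]+(.*))?$", re.IGNORECASE | re.DOTALL)


def find_oversized_greetings(client_bytes: bytes) -> list[dict]:
    """Return one finding per EHLO/HELO line that exceeds the RFC 5321 limits."""
    findings = []
    lines = client_bytes.split(b"\r\n")
    # The last element is whatever followed the final CRLF: an unterminated
    # line, which still counts if it is already over a limit.
    for index, line in enumerate(lines):
        terminated = index < len(lines) - 1
        match = GREETING.match(line)
        if not match:
            continue
        argument = match.group(2) or b""
        line_len = len(line) + (2 if terminated else 0)
        reasons = []
        if line_len > MAX_COMMAND_LINE:
            reasons.append("command line over 512 octets")
        if len(argument) > MAX_DOMAIN:
            reasons.append("argument over 255 octets")
        if reasons:
            findings.append({
                "verb": match.group(1).upper().decode(),
                "line_octets": line_len,
                "argument_octets": len(argument),
                "terminated": terminated,
                "reasons": reasons,
            })
    return findings


# Constructed sample: one normal greeting, one oversized one, one unterminated.
SAMPLE = (
    b"EHLO mail.example.org\r\n"
    b"ehlo " + b"a" * 600 + b"\r\n"
    b"MAIL FROM:<user@example.org>\r\n"
    b"EHLO " + b"b" * 300
)

if __name__ == "__main__":
    for finding in find_oversized_greetings(SAMPLE):
        print(finding)
```

A hit means a client sent a greeting no conforming SMTP client should send; on hosts running an Exim older than 4.92.3 it is worth correlating with crashes of the receiving process.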