This is a remote EXIM hang and crash, as reported here. This happens in the same version as above (2017-11-23).
- Reported 2017-11-23 by meh@devco.re.
- Vulnerability (according to report) is in git master at revision 01c594601670c7e48e676d6c6d32d0f0084067fa.
- The initial test was on 4.89.
- There is an RIP-controllable POC, an updated POC, and the Makefile is given. More detailed writeup from devco.re, and then a separate blog on indepdently reproducing including how to build exim and reproduce.
See the CVE-2017-16944/README.md for more information.