CVE-2020-28015: 
Exim vulnerability analysis and mitigation

CVE-2020-28015 is a local privilege escalation vulnerability in Exim mail server versions before 4.94.2. The vulnerability allows local users to alter the behavior of root processes by injecting newline characters into recipient addresses, which can lead to improper neutralization of line delimiters (Exim Doc, NVD).

The vulnerability exists in Exim's spool header file handling mechanism. When Exim receives a mail, it creates two files in the input subdirectory of its spool directory: a data file containing the mail body and a header file containing headers and metadata. An unprivileged local attacker can send mail to a recipient whose address contains '\n' characters, allowing them to inject new lines into the spool header file and manipulate Exim's behavior (Exim Doc).

The vulnerability allows local users to escalate privileges to root when deliverdropprivilege is set to false (the default configuration). By exploiting this vulnerability, attackers can execute arbitrary commands with root privileges, potentially leading to complete system compromise (Exim Doc).

The vulnerability was fixed in Exim version 4.94.2. Users are strongly advised to upgrade to this version or later. Multiple Linux distributions have released security updates to address this vulnerability, including Debian and Ubuntu (Debian Tracker, Ubuntu Notice).