oss-sec mailing list archives

glibc iconv crash with ISO-2022-JP-3


From: Tavis Ormandy <taviso () gmail com>
Date: Wed, 27 Jan 2021 15:16:40 -0000 (UTC)

Hello list, I suddenly got interested in mutt attack surface after
CVE-2021-3181, and some testing found a crash via charset conversion in
glibc. It's just an abort(), I don't think there's any further impact.

I believe this would crash anything that does character conversion with
iconv. Mail clients do automatic charset conversion when they see a
Subject like:

    Subject: =?ISO-2022-JP-3?B?.....

or a MIME header like this:

    Content-Type: text/plain; charset=ISO-2022-JP-3

The impact is just that you can't open your mail client, because it
crashes as soon as it sees the subject.

Upstream bug: https://sourceware.org/bugzilla/show_bug.cgi?id=27256
Patch: https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html

Thanks, Tavis.

-- 
 _o)            $ lynx lock.cmpxchg8b.com
 /\\  _o)  _o)  $ finger taviso () sdf org
_\_V _( ) _( )  @taviso
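As a defender-side illustration of the two header shapes named in the post (an RFC 2047 encoded-word in Subject and a Content-Type charset parameter), here is a small Python checker that lists every charset a message declares and flags ISO-2022-JP-3, so a gateway or a filter in front of an unpatched client can quarantine or re-encode such mail before iconv ever sees it. This is an added example, not code from the post or from glibc; the sample message, the FLAGGED_CHARSETS set and the function names are constructed for the example, and the encoded-word payload is plain base64 of "hello", not a crash trigger.

```python
"""Report charsets declared in mail headers and flag ISO-2022-JP-3.

Added example (not from the oss-sec post): it never decodes the text,
so no iconv / codec conversion is triggered; it only inspects what the
headers claim so a filter can act before a vulnerable client does.
"""
import re
from email import message_from_string

# Charset names to flag, lowercased. Only ISO-2022-JP-3 is named in the
# post; extend this set locally if needed (assumption: local policy).
FLAGGED_CHARSETS = {"iso-2022-jp-3"}

# RFC 2047 encoded-word: =?charset[*lang]?B-or-Q?encoded-text?=
# Group 1 captures the charset; the optional *lang suffix is skipped.
ENCODED_WORD_RE = re.compile(r"=\?([^?*]+)(?:\*[^?]*)?\?[BbQq]\?[^?]*\?=")


def declared_charsets(raw_message: str) -> set:
    """Return every charset the message declares, lowercased.

    Sources checked: RFC 2047 encoded-words in any header of any MIME
    part, and the charset= parameter of each part's Content-Type.
    """
    msg = message_from_string(raw_message)
    found = set()
    for part in msg.walk():
        # Encoded-words can appear in any header, not just Subject.
        for _, value in part.items():
            for charset in ENCODED_WORD_RE.findall(value):
                found.add(charset.lower())
        # Content-Type: text/plain; charset=... on this part, if any.
        content_charset = part.get_content_charset()
        if content_charset:
            found.add(content_charset.lower())
    return found


def flagged_charsets(raw_message: str) -> set:
    """Charsets declared by the message that are on the flag list."""
    return declared_charsets(raw_message) & FLAGGED_CHARSETS


# Constructed sample using both header forms from the post. The base64
# text is just "hello"; it is not a triggering payload.
SAMPLE_FLAGGED = """\
From: sender@example.invalid
To: user@example.invalid
Subject: =?ISO-2022-JP-3?B?aGVsbG8=?=
Content-Type: text/plain; charset=ISO-2022-JP-3

hello
"""

# Constructed control message that declares only UTF-8.
SAMPLE_CLEAN = """\
From: sender@example.invalid
To: user@example.invalid
Subject: =?UTF-8?Q?hello?=
Content-Type: text/plain; charset=UTF-8

hello
"""


if __name__ == "__main__":
    for name, raw in (("flagged", SAMPLE_FLAGGED), ("clean", SAMPLE_CLEAN)):
        print(name, "declares", sorted(declared_charsets(raw)),
              "flagged", sorted(flagged_charsets(raw)))
```

The checker deliberately stops at the header text: once a message is flagged, the safe choice is to hold it or rewrite the charset label rather than hand the bytes to the client's converter. Multipart messages are covered because `walk()` visits every part and each part's own headers.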
