oss-sec mailing list archives
glibc iconv crash with ISO-2022-JP-3
From: Tavis Ormandy <taviso () gmail com>
Date: Wed, 27 Jan 2021 15:16:40 -0000 (UTC)
Hello list,

I suddenly got interested in mutt attack surface after CVE-2021-3181, and some testing found a crash via charset conversion in glibc. It's just an abort(), I don't think there's any further impact.

I believe this would crash anything that does character conversion with iconv. Mail clients do automatic charset conversion when they see a Subject like:

    Subject: =?ISO-2022-JP-3?B?.....

or a MIME header like this:

    Content-Type: text/plain; charset=ISO-2022-JP-3

The impact is just that you can't open your mail client, because it crashes as soon as it sees the subject.

Upstream bug: https://sourceware.org/bugzilla/show_bug.cgi?id=27256
Patch: https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html

Thanks, Tavis.

-- 
 _o)            $ lynx lock.cmpxchg8b.com
 /\\  _o)  _o)  $ finger taviso () sdf org
_\_V _( ) _( )  @taviso
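An added example (not part of the original post): a pre-delivery check that reports where a message declares the ISO-2022-JP-3 charset, either in an RFC 2047 encoded-word header or in a MIME Content-Type parameter, without decoding any text. The function names and sample messages are constructed for illustration, and only the exact charset label from the post is matched.

```python
import email
import re
from email import policy

# Charset named in the post; labels are compared case-insensitively.
FLAGGED_CHARSETS = {"iso-2022-jp-3"}

# RFC 2047 encoded-word: =?charset[*language]?B|Q?encoded-text?=
ENCODED_WORD = re.compile(r"=\?([^?*\s]+)(?:\*[^?\s]*)?\?[bBqQ]\?[^?\s]*\?=")


def declared_charsets(raw_message: bytes):
    """Yield (location, charset) for every charset the message declares.
    Nothing is converted, so this check never calls into iconv itself."""
    # compat32 leaves header values raw, so encoded-words stay undecoded.
    msg = email.message_from_bytes(raw_message, policy=policy.compat32)
    for index, part in enumerate(msg.walk()):
        for name, value in part.items():
            for match in ENCODED_WORD.finditer(str(value)):
                yield (f"part {index} header {name}", match.group(1).lower())
        charset = part.get_param("charset")
        if isinstance(charset, tuple):  # RFC 2231 form: (charset, lang, value)
            charset = charset[2]
        if charset:
            yield (f"part {index} Content-Type", str(charset).strip().lower())


def flag_message(raw_message: bytes):
    """Return the locations that declare a flagged charset (empty if none)."""
    return [loc for loc, cs in declared_charsets(raw_message)
            if cs in FLAGGED_CHARSETS]


# Constructed sample messages; the encoded text is just base64 of "Hello".
SAMPLE_SUBJECT = (b"From: a@example.org\r\n"
                  b"Subject: =?ISO-2022-JP-3?B?SGVsbG8=?=\r\n"
                  b"Content-Type: text/plain; charset=utf-8\r\n\r\nbody\r\n")
SAMPLE_MIME = (b"From: a@example.org\r\nSubject: hi\r\n"
               b'Content-Type: multipart/mixed; boundary="b"\r\n\r\n'
               b"--b\r\nContent-Type: text/plain; charset=ISO-2022-JP-3\r\n"
               b"\r\nx\r\n--b--\r\n")
SAMPLE_CLEAN = (b"Subject: =?UTF-8?B?SGVsbG8=?=\r\n"
                b"Content-Type: text/plain; charset=us-ascii\r\n\r\nok\r\n")

if __name__ == "__main__":
    for sample in (SAMPLE_SUBJECT, SAMPLE_MIME, SAMPLE_CLEAN):
        print(flag_message(sample))
```

A mail filter could hold or rewrite flagged messages until the glibc patch linked above is installed on the systems that read them.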