FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

FreeBSD -- iconv(3) NULL pointer dereference and out-of-bounds array access

Affected packages
10.0 <= FreeBSD < 10.0_6

Details

VuXML ID 6f91a709-6007-11e6-a6c3-14dae9d210b8
Discovery 2014-06-24
Entry 2016-08-11

Problem Description:

A NULL pointer dereference in the initialization code of the HZ module and an out-of-bounds array access in the initialization code of the VIQR module cause iconv_open(3) calls involving HZ or VIQR to crash the application.

Impact:

Services where an attacker can control the arguments of an iconv_open(3) call can be made to crash, resulting in a denial of service. For example, an email encoded in HZ may cause an email delivery service to crash if it converts emails to a more generic encoding like UTF-8 before applying filtering rules.
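The exposure described above comes from passing an untrusted charset label straight to iconv_open(3). As an added example (not code from the advisory or from FreeBSD), the following C sketch checks both labels against an allowlist before the call; the function names and the list of permitted charsets are assumptions chosen for illustration.

```c
#include <errno.h>
#include <iconv.h>
#include <stddef.h>
#include <stdio.h>
#include <strings.h>

/* Assumed policy: the only charsets this service converts.
 * HZ and VIQR are deliberately absent. */
static const char *const allowed_charsets[] = {
    "UTF-8", "US-ASCII", "ISO-8859-1", "ISO-8859-15", "WINDOWS-1252",
};

/* Return 1 only on an exact, case-insensitive match with the allowlist.
 * Exact matching also rejects suffixed forms such as "UTF-8//IGNORE". */
int charset_allowed(const char *name)
{
    size_t i, n = sizeof(allowed_charsets) / sizeof(allowed_charsets[0]);

    if (name == NULL)
        return 0;
    for (i = 0; i < n; i++)
        if (strcasecmp(name, allowed_charsets[i]) == 0)
            return 1;
    return 0;
}

/* Hypothetical wrapper: an untrusted label (for example from a MIME
 * charset= parameter) never reaches iconv_open(3) unless allowlisted. */
iconv_t checked_iconv_open(const char *to, const char *from)
{
    if (!charset_allowed(to) || !charset_allowed(from)) {
        errno = EINVAL;          /* same errno iconv_open uses for unsupported pairs */
        return (iconv_t)-1;
    }
    return iconv_open(to, from);
}

int main(void)
{
    /* Constructed sample labels, as a mail filter might extract them. */
    const char *labels[] = { "iso-8859-1", "HZ", "VIQR", "UTF-8//IGNORE" };
    size_t i;

    for (i = 0; i < sizeof(labels) / sizeof(labels[0]); i++)
        printf("%-14s %s\n", labels[i],
               charset_allowed(labels[i]) ? "allowed" : "rejected");
    return 0;
}
```

A rejected label should be handled like any other unsupported encoding, for instance by deferring or quarantining the message.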

References

CVE Name CVE-2014-3951
FreeBSD Advisory SA-14:15.iconv