oss-sec mailing list archives
Re: [musl] CVE-2025-26519: musl libc: input-controlled out-of-bounds write primitive in iconv()
From: Daniel Gutson <danielgutson () gmail com>
Date: Fri, 14 Feb 2025 07:58:01 -0300
El vie, 14 feb 2025, 07:14, Nick Wellnhofer <wellnhofer () aevum de> escribió:
On Feb 13, 2025, at 23:28, Daniel Gutson <danielgutson () gmail com> wrote:Curious: is there any info about how this was discovered?The bug was discovered with basic fuzz testing. As libxml2 maintainer, I found more and more issues in various iconv implementations by accident which is a strong indicator that all this code isn't tested enough. The iconv API is also trivial to fuzz, so it seemed like a nice weekend project.
Thanks, AFL? My work is related to static checkers and linters (we will contribute an important patch to weggli soon), so I was wondering if you used something that used symbolic execution. Nice job!
Nick
Current thread:
- CVE-2025-26519: musl libc: input-controlled out-of-bounds write primitive in iconv() Rich Felker (Feb 13)
- Re: [musl] CVE-2025-26519: musl libc: input-controlled out-of-bounds write primitive in iconv() Rich Felker (Feb 13)
- Re: [musl] CVE-2025-26519: musl libc: input-controlled out-of-bounds write primitive in iconv() Daniel Gutson (Feb 13)
- Re: [musl] CVE-2025-26519: musl libc: input-controlled out-of-bounds write primitive in iconv() Rich Felker (Feb 13)
- Re: [musl] CVE-2025-26519: musl libc: input-controlled out-of-bounds write primitive in iconv() Nick Wellnhofer (Feb 14)
- Re: [musl] CVE-2025-26519: musl libc: input-controlled out-of-bounds write primitive in iconv() Daniel Gutson (Feb 14)