A flaw was found in mbsync before v1.3.6 and v1.4.2, where an unchecked pointer cast allows a malicious or compromised server to write an arbitrary integer value past the end of a heap-allocated structure by issuing an unexpected APPENDUID response. This could be plausibly exploited for remote code execution on the client.
Created attachment 1788788 [details]
fix for isync 1.3
Created attachment 1788789 [details]
fix isync 1.4
Created isync tracking bugs for this issue:
Affects: epel-all [bug 1968627]
Affects: fedora-all [bug 1968626]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.