A flaw was found in mbsync before v1.3.6 and v1.4.2, where an unchecked pointer cast allows a malicious or compromised server to write an arbitrary integer value past the end of a heap-allocated structure by issuing an unexpected APPENDUID response. This could be plausibly exploited for remote code execution on the client.
Created attachment 1788788 [details] fix for isync 1.3
Created attachment 1788789 [details] fix isync 1.4
References: https://sourceforge.net/projects/isync/files/isync/1.3.6/ https://sourceforge.net/projects/isync/files/isync/1.4.2/
Created isync tracking bugs for this issue: Affects: epel-all [bug 1968627] Affects: fedora-all [bug 1968626]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.