A security issue was found in mbsync in isync versions before 1.4.4. Due to inadequate handling of extremely large (>=2GiB) IMAP literals, malicious or compromised IMAP servers, and hypothetically even external email senders, could cause several different buffer overflows, which could conceivably be exploited for remote code execution.
A security issue was found in mbsync in isync versions before 1.4.4. Due to inadequate handling of extremely large (>=2GiB) IMAP literals, malicious or compromised IMAP servers, and hypothetically even external email senders, could cause several different buffer overflows, which could conceivably be exploited for remote code execution.
https://www.openwall.com/lists/oss-security/2021/12/03/1 https://www.openwall.com/lists/oss-security/2021/12/03/1/1 https://sourceforge.net/p/isync/isync/ci/463272eab866a36162fe51813327ca7af2f37ca0/ https://sourceforge.net/p/isync/isync/ci/ba13362a52d8749731ba645e5e50e47862a5b91d/ https://sourceforge.net/p/isync/isync/ci/bc15e571b650270b87e9758916f93eab04992cef/ https://sourceforge.net/p/isync/isync/ci/bc15e571b650270b87e9758916f93eab04992cef/ https://sourceforge.net/p/isync/isync/ci/127003ee37e3eb6d914782be43097338baa32d2b/