CVE-2014-9116

Publication date 2 December 2014

Last updated 24 July 2024

Ubuntu priority

The write_one_header function in mutt 1.5.23 does not properly handle newline characters at the beginning of a header, which allows remote attackers to cause a denial of service (crash) via a header with an empty body, which triggers a heap-based buffer overflow in the mutt_substrdup function.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
mutt	14.10 utopic	Fixed 1.5.23-1.1ubuntu0.2
	14.04 LTS trusty	Fixed 1.5.21-6.4ubuntu2.1
	12.04 LTS precise	Fixed 1.5.21-5ubuntu2.2
	10.04 LTS lucid	Fixed 1.5.20-7ubuntu1.3

Notes

sbeattie

patches that updated SKIP_WSP ended up introducing regressions when displaying headers

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
mutt	Upstream: http://dev.mutt.org/trac/attachment/ticket/3716/ticket-3716-stable.patch

References

Related Ubuntu Security Notices (USN)