Musl Vulnerability Exploited via EUC-KR Encoding

A recently discovered vulnerability in the musl standard C library can lead to a buffer overflow when specially crafted text is converted from the EUC-KR encoding to UTF-8 using the iconv() function. The vulnerability, identified as CVE-2024-2961, is present in musl version 0.9.13 and will be addressed in the upcoming release 1.2.6. Until the update is released, a patch can be used to mitigate the risk.

This vulnerability could potentially be exploited to attack applications that use the musl library to transcode text from external sources. It occurs when the iconv_open() function is called with EUC-KR as the source encoding and UTF-8 as the target encoding. Applications that transcode XML, HTML, and email content based on the encoding specified in the MIME type header (e.g., “text/plain; charset=EUC-KR”) are at risk.

The vulnerability stems from two errors. The first is the absence of error checking for invalid Unicode scalar values; the second is that the UTF-8 encoder does not account for the possibility of receiving invalid scalar values from the input decoder. As a result, processing sequences such as “\xc8\x41” causes values to be written outside the allotted buffer space.
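The two checks described above, sketched as an added C example. This is not musl's code or its patch, and the function and constant names are hypothetical. The encoder rejects anything that is not a Unicode scalar value and refuses to write more bytes than the caller's buffer has room for.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical names for illustration; this is not musl's code or its patch. */
enum { ENC_INVALID = -1, ENC_NOROOM = -2 };

/* Unicode scalar value: 0..0x10FFFF, excluding surrogates 0xD800..0xDFFF. */
static int is_scalar_value(uint32_t c)
{
    return c <= 0x10FFFF && !(c >= 0xD800 && c <= 0xDFFF);
}

/* Encode one decoder result into out[0..room). Returns the number of bytes
 * written (1..4) or a negative error; nothing is written on error. */
int utf8_encode_checked(uint32_t c, unsigned char *out, size_t room)
{
    if (!is_scalar_value(c))
        return ENC_INVALID;           /* check 1: reject bad decoder output */
    size_t need = c < 0x80 ? 1 : c < 0x800 ? 2 : c < 0x10000 ? 3 : 4;
    if (need > room)
        return ENC_NOROOM;            /* check 2: never write past the buffer */
    if (need == 1) {
        out[0] = (unsigned char)c;
        return 1;
    }
    /* Lead byte: length marker plus the top payload bits. */
    static const unsigned char lead[] = { 0, 0, 0xC0, 0xE0, 0xF0 };
    out[0] = (unsigned char)(lead[need] | (c >> (6 * (need - 1))));
    /* Continuation bytes: 10xxxxxx, six payload bits each. */
    for (size_t i = 1; i < need; i++)
        out[i] = (unsigned char)(0x80 | ((c >> (6 * (need - 1 - i))) & 0x3F));
    return (int)need;
}

int main(void)
{
    /* Constructed sample: one valid code point, then two invalid values. */
    const uint32_t samples[] = { 0xD55C, 0xD800, 0xFFFFFFFF };
    unsigned char buf[4];
    for (size_t i = 0; i < 3; i++)
        printf("U+%lX -> %d\n", (unsigned long)samples[i],
               utf8_encode_checked(samples[i], buf, sizeof buf));
    return 0;
}
```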
