FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

hcode -- buffer overflow in mail.c

Affected packages
ko-hcode < 2.1.3_2


VuXML ID da4adc02-07f4-11ef-960d-5404a68ad561
Discovery 2024-04-29
Entry 2024-05-01

The openSUSE project reports:

The problematic function in question is putSDN() in mail.c. The static variable `cp` is used as an index for a fixed-sized buffer `ibuf`. There is a range check: `if ( cp >= HDR_BUF_LEN ) ...` but under certain circumstances, cp can be incremented beyond the buffer size, leading to a buffer overwrite


CVE Name CVE-2024-34020