Executive Summary

This vulnerability is a NULL pointer dereference in the show_sig_summary() function of the Mutt email client before version 2.3.2.

Specifically, when the error code is GPG_ERR_NO_PUBKEY, the key variable becomes NULL. The function does not check if the key is NULL before trying to access key->subkeys->expires, which leads to a crash.

The issue is fixed by adding a check to safely handle NULL keys before dereferencing them.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can cause the Mutt email client to crash when processing certain signature summaries involving missing public keys.

Because it is a NULL pointer dereference leading to a crash, it results in a denial of service (DoS) condition for the user.

The CVSS score of 2.5 indicates a low severity impact, requiring local access with high attack complexity and user interaction.

Useful 0 Not Useful 0

Mitigation Strategies

To mitigate this vulnerability, update the Mutt email client to version 2.3.2 or later where the NULL pointer dereference in the show_sig_summary() function has been fixed.

The fix ensures that the function safely handles NULL keys by checking for NULL before dereferencing, preventing crashes caused by the vulnerability.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability is a NULL pointer dereference in the show_sig_summary() function of the Mutt email client before version 2.3.2. Detection involves identifying if you are running a vulnerable version of Mutt.

You can check the installed version of Mutt on your system by running the following command:

• mutt -v

If the version is earlier than 2.3.2, your system is potentially vulnerable.

Since the vulnerability causes a NULL pointer dereference leading to a crash when processing certain GPG keys, monitoring Mutt crashes or logs for errors related to show_sig_summary or GPG_ERR_NO_PUBKEY may also help detect exploitation attempts.

Useful 0 Not Useful 0