The ICAO documents contain the complete specification. It is moderately complex and involves twiddling lots of bits. So I've no doubt that a passport reader somewhere isn't doing bounds checking properly.

But you could achieve much the same effect with a hammer.

But could a hammer deliver a malicious payload that could spread in the system? I'm not sure if you could do that with data on the chip, but maybe.

Yes, but so could a sticker with a QR code containing some exploit that the optical passport reader scans.

I don't think it's a particularly different attack vector just because the chip is "active". Competent systems would treat all data received from it as potentially harmful until proven otherwise.

this reminds me of the plot to Black Mirror's Plaything :-)

I'm glad the subtle reference landed :)

Burning a zero day like that in front of border / travel officers will probably land you in prison very quickly.

You can transmit arbitrary data in certain steps of the passport reading process. The possibility of disruption depends on whether the reading system has bugs exploitable by the incoming data.

I've seen crashes in PKCS#11 drivers when reading cards with malformed data. So, the possibility, in theory, is always there.