Уязвимость CVE-2024-2961: Информация

Описание

The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable.

URL: https://nvd.nist.gov/vuln/detail/CVE-2024-2961
Опубликовано: 17 апреля 2024 г.
Изменено: 10 июня 2024 г.

Исправленные пакеты

Имя пакета
Ветка
Исправлено в версии
Версия в репозитории
Errata ID
№ Задания
Состояние
glibcsisyphus2.38.0.66.ge1135387de-alt12.38.0.76.e9f05fa1c6-alt1ALT-PU-2024-6976-2345667Исправлено
glibcsisyphus_riscv642.38.0.66.ge1135387de-alt12.38.0.76.e9f05fa1c6-alt1ALT-PU-2024-8052-1-Исправлено
glibcsisyphus_loongarch642.38.0.76.e9f05fa1c6-alt1.0.port2.38.0.76.e9f05fa1c6-alt1.0.portALT-PU-2024-7462-1-Исправлено
glibcp102.32-alt5.p10.32.32-alt5.p10.3ALT-PU-2024-7271-3347164Исправлено
glibcc10f12.32-alt5.p10.32.32-alt5.p10.3ALT-PU-2024-7402-2347166Исправлено
glibcp112.38.0.66.ge1135387de-alt12.38.0.76.e9f05fa1c6-alt1ALT-PU-2024-6976-2345667Исправлено

Ссылки на рекомендации, решения и инструменты

Ссылка
Ресурс
https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0004
    https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3I4KYS6EU6S7QZ47WFNTPVAHFIUQNEL/
      https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YAMJQI3Y6BHWV3CUTYBXOZONCUJNOB2Z/
        https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BTJFBGHDYG5PEIFD5WSSSKSFZ2AZWC5N/
          http://www.openwall.com/lists/oss-security/2024/04/24/2
            http://www.openwall.com/lists/oss-security/2024/04/17/9
              http://www.openwall.com/lists/oss-security/2024/04/18/4
                https://lists.debian.org/debian-lts-announce/2024/05/msg00001.html
                  http://www.openwall.com/lists/oss-security/2024/05/27/2
                    http://www.openwall.com/lists/oss-security/2024/05/27/6
                      http://www.openwall.com/lists/oss-security/2024/05/27/1
                        http://www.openwall.com/lists/oss-security/2024/05/27/4
                          http://www.openwall.com/lists/oss-security/2024/05/27/5
                            http://www.openwall.com/lists/oss-security/2024/05/27/3
                              https://security.netapp.com/advisory/ntap-20240531-0002/
                                VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
                                Версия: v24.5.3
                                Наверх