The iconv() function in the GNU C Library versions 2.39 and older may
overflow the output buffer passed to it by up to 4 bytes when converting
strings to the ISO-2022-CN-EXT character set, which may be used to crash an
application or overwrite a neighbouring variable.
Author | Note |
---|---|
leosilva | introduced in 755104edc (v2.1.94) |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 14.04 | noarch | eglibc | < 2.19-0ubuntu6.15+esm3) Available with Ubuntu Pro or Ubuntu Pro (Infra-only | UNKNOWN |
ubuntu | 18.04 | noarch | glibc | < 2.27-3ubuntu1.6+esm2) Available with Ubuntu Pro or Ubuntu Pro (Infra-only | UNKNOWN |
ubuntu | 20.04 | noarch | glibc | < 2.31-0ubuntu9.15 | UNKNOWN |
ubuntu | 22.04 | noarch | glibc | < 2.35-0ubuntu3.7 | UNKNOWN |
ubuntu | 23.10 | noarch | glibc | < 2.38-1ubuntu6.2 | UNKNOWN |
ubuntu | 24.04 | noarch | glibc | < 2.39-0ubuntu8.1 | UNKNOWN |
ubuntu | 16.04 | noarch | glibc | < 2.23-0ubuntu11.3+esm6) Available with Ubuntu Pro or Ubuntu Pro (Infra-only | UNKNOWN |