Buffer Overflow Vulnerability in GNU C Library's iconv() Function
Key Information
- Vendor
- The Gnu C Library
- Status
- Glibc
- Vendor
- Published:
- 17 April 2024
Summary
A buffer overflow vulnerability has been identified in the GNU C Library's iconv() function when converting strings to the ISO-2022-CN-EXT character set, affecting versions 2.39 and older. This vulnerability could cause an application to crash or overwrite a neighboring variable. There are no known exploitations of this vulnerability at this time, and no indication of ransomware groups targeting this specific issue. The GNU C Library has released a security advisory and fix for the vulnerability.
Affected Version(s)
glibc < 2.40
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
News Articles
News - New 28 year old Php/gnu c buffer overflow vulnerability.
https://nvd.nist.gov/vuln/detail/CVE-2024-2961 Breakdown of vulnerability. (Not sponsored): Note that php is not in the asuswrt-merlin firmware, but...
1 week ago
/g/ - CVE-2024-2961 - Technology - 4chan
CVE-2024-2961 - "/g/ - Technology" is 4chan's imageboard for discussing computer hardware and software, programming, and general technology.
1 week ago
Timeline
Exploit exists.
First article discovered by daily.dev
Vulnerability published.
Vulnerability Reserved.