[Debian] Medium CVE: CVE-2024-2961 glibc
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Fix Released
|
High
|
Wentao Zhang |
Bug Description
CVE-2024-2961: https:/
The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable.
Base Score: Medium
Reference:
['libc6_
https:/
CVE References
tags: |
added: stx.10.0 stx.security removed: stx.se |
Changed in starlingx: | |
assignee: | nobody → Wentao Zhang (wzhang4) |
Fix proposed to branch: master /review. opendev. org/c/starlingx /tools/ +/917289
Review: https:/