CVE 2014-6040
GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8.
Related bugs and status
CVE-2014-6040 (Candidate) is related to these bugs:
Bug #1341569: Shared libraries built with multiple tocs resolve plt to local function entry
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1341569 | Shared libraries built with multiple tocs resolve plt to local function entry | glibc (Ubuntu) | Undecided | Fix Released | ||
1341569 | Shared libraries built with multiple tocs resolve plt to local function entry | glibc (Ubuntu Utopic) | Undecided | Won't Fix | ||
1341569 | Shared libraries built with multiple tocs resolve plt to local function entry | glibc (Ubuntu Trusty) | Undecided | New |
Bug #1381656: obsolete config: /etc/ld.so.conf.d/i686-linux-gnu.conf
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1381656 | obsolete config: /etc/ld.so.conf.d/i686-linux-gnu.conf | glibc (Ubuntu) | Undecided | Fix Released |
Bug #1396471: glibc vulnerability CVE-2014-7817
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1396471 | glibc vulnerability CVE-2014-7817 | eglibc (Ubuntu) | Undecided | Invalid | ||
1396471 | glibc vulnerability CVE-2014-7817 | eglibc (Ubuntu Vivid) | Undecided | Invalid | ||
1396471 | glibc vulnerability CVE-2014-7817 | eglibc (Ubuntu Lucid) | Medium | Fix Released | ||
1396471 | glibc vulnerability CVE-2014-7817 | eglibc (Ubuntu Precise) | Medium | Fix Released | ||
1396471 | glibc vulnerability CVE-2014-7817 | eglibc (Ubuntu Trusty) | Medium | Fix Released | ||
1396471 | glibc vulnerability CVE-2014-7817 | eglibc (Ubuntu Utopic) | Undecided | Invalid | ||
1396471 | glibc vulnerability CVE-2014-7817 | glibc (Ubuntu) | Medium | Fix Released | ||
1396471 | glibc vulnerability CVE-2014-7817 | glibc (Ubuntu Lucid) | Undecided | Invalid | ||
1396471 | glibc vulnerability CVE-2014-7817 | glibc (Ubuntu Precise) | Undecided | Invalid | ||
1396471 | glibc vulnerability CVE-2014-7817 | glibc (Ubuntu Trusty) | Undecided | Invalid | ||
1396471 | glibc vulnerability CVE-2014-7817 | glibc (Ubuntu Utopic) | Medium | Fix Released | ||
1396471 | glibc vulnerability CVE-2014-7817 | glibc (Ubuntu Vivid) | Medium | Fix Released |
See the
CVE page on Mitre.org
for more details.