CVE-2014-5119

EUVD-2014-5017
Off-by-one error in the __gconv_translit_find function in gconv_trans.c in GNU C Library (aka glibc) allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via vectors related to the CHARSET environment variable and gconv transliteration modules.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 95%
Affected Products (NVD)
VendorProductVersion
gnuglibc
𝑥
< 2.20
debiandebian_linux
7.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
glibc
bookworm
2.36-9+deb12u8
fixed
bookworm (security)
2.36-9+deb12u7
fixed
bullseye
2.31-13+deb11u11
fixed
bullseye (security)
2.31-13+deb11u10
fixed
sid
2.40-3
fixed
trixie
2.40-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
eglibc
lucid
Fixed 2.11.1-0ubuntu7.16
released
precise
Fixed 2.15-0ubuntu10.7
released
trusty
Fixed 2.19-0ubuntu6.3
released
glibc
lucid
dne
precise
dne
trusty
dne
Common Weakness Enumeration
References
http://googleprojectzero.blogspot.com/2014/08/the-poisoned-nul-byte-2014-edition.html
http://linux.oracle.com/errata/ELSA-2015-0092.html
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00017.html
http://rhn.redhat.com/errata/RHSA-2014-1118.html
http://seclists.org/fulldisclosure/2014/Aug/69
http://secunia.com/advisories/60345
http://secunia.com/advisories/60358
http://secunia.com/advisories/60441
http://secunia.com/advisories/61074
http://secunia.com/advisories/61093
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-5119
http://www-01.ibm.com/support/docview.wss?uid=swg21685604
http://www.debian.org/security/2014/dsa-3012
http://www.mandriva.com/security/advisories?name=MDVSA-2014:175
http://www.openwall.com/lists/oss-security/2014/07/14/1
http://www.openwall.com/lists/oss-security/2014/08/13/5
http://www.securityfocus.com/bid/68983
http://www.securityfocus.com/bid/69738
https://code.google.com/p/google-security-research/issues/detail?id=96
https://rhn.redhat.com/errata/RHSA-2014-1110.html
https://security.gentoo.org/glsa/201602-02
https://sourceware.org/bugzilla/show_bug.cgi?id=17187
http://googleprojectzero.blogspot.com/2014/08/the-poisoned-nul-byte-2014-edition.html
http://linux.oracle.com/errata/ELSA-2015-0092.html
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00017.html
http://rhn.redhat.com/errata/RHSA-2014-1118.html
http://seclists.org/fulldisclosure/2014/Aug/69
http://secunia.com/advisories/60345
http://secunia.com/advisories/60358
http://secunia.com/advisories/60441
http://secunia.com/advisories/61074
http://secunia.com/advisories/61093
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-5119
http://www-01.ibm.com/support/docview.wss?uid=swg21685604
http://www.debian.org/security/2014/dsa-3012
http://www.mandriva.com/security/advisories?name=MDVSA-2014:175
http://www.openwall.com/lists/oss-security/2014/07/14/1
http://www.openwall.com/lists/oss-security/2014/08/13/5
http://www.securityfocus.com/bid/68983
http://www.securityfocus.com/bid/69738
https://code.google.com/p/google-security-research/issues/detail?id=96
https://rhn.redhat.com/errata/RHSA-2014-1110.html
https://security.gentoo.org/glsa/201602-02
https://sourceware.org/bugzilla/show_bug.cgi?id=17187