#VU41360 Input validation error in Glibc


Published: 2014-08-29 | Updated: 2020-08-10

Vulnerability identifier: #VU41360

Vulnerability risk: Medium

CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2014-5119

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Glibc
Universal components / Libraries / Libraries used by multiple products

Vendor: GNU

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Off-by-one error in the __gconv_translit_find function in gconv_trans.c in GNU C Library (aka glibc) allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via vectors related to the CHARSET environment variable and gconv transliteration modules.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Glibc: 2.0 - 2.1.97

External links
http://googleprojectzero.blogspot.com/2014/08/the-poisoned-nul-byte-2014-edition.html
http://linux.oracle.com/errata/ELSA-2015-0092.html
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00017.html
http://rhn.redhat.com/errata/RHSA-2014-1118.html
http://seclists.org/fulldisclosure/2014/Aug/69
http://secunia.com/advisories/60345
http://secunia.com/advisories/60358
http://secunia.com/advisories/60441
http://secunia.com/advisories/61074
http://secunia.com/advisories/61093
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-5119
http://www.debian.org/security/2014/dsa-3012
http://www.mandriva.com/security/advisories?name=MDVSA-2014:175
http://www.openwall.com/lists/oss-security/2014/07/14/1
http://www.openwall.com/lists/oss-security/2014/08/13/5
http://www.securityfocus.com/bid/68983
http://www.securityfocus.com/bid/69738
http://www-01.ibm.com/support/docview.wss?uid=swg21685604
http://code.google.com/p/google-security-research/issues/detail?id=96
http://rhn.redhat.com/errata/RHSA-2014-1110.html
http://security.gentoo.org/glsa/201602-02
http://sourceware.org/bugzilla/show_bug.cgi?id=17187

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in IBM FlashSystem (and TMS RAMSAN) 710, 720, 810, and 820 systems
SUSE Linux update for glibc
SUSE Linux update for glibc
Amazon Linux AMI update for glibc
Input validation error in GNU Glibc
Input validation error in IBM ProtecTIER