""" The following security advisories have been published: GLIBC-SA-2024-0004: =================== ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable. ISO-2022-CN-EXT uses escape sequences to indicate character set changes (as specified by RFC 1922). While the SOdesignation has the expected bounds checks, neither SS2designation nor SS3designation have its; allowing a write overflow of 1, 2, or 3 bytes with fixed values: '$+I', '$+J', '$+K', '$+L', '$+M', or '$*H'. CVE-Id: CVE-2024-2961 Public-Date: 2024-04-17 Vulnerable-Commit: 755104edc75c53f4a0e7440334e944ad3c6b32fc (2.1.93-169) Fix-Commit: f9dc609e06b1136bb0408be9605ce7973a767ada (2.40) Fix-Commit: 31da30f23cddd36db29d5b6a1c7619361b271fb4 (2.39-31) Fix-Commit: e1135387deded5d73924f6ca20c72a35dc8e1bda (2.38-66) Fix-Commit: 89ce64b269a897a7780e4c73a7412016381c6ecf (2.37-89) Fix-Commit: 4ed98540a7fd19f458287e783ae59c41e64df7b5 (2.36-164) Fix-Commit: 36280d1ce5e245aabefb877fe4d3c6cff95dabfa (2.35-315) Fix-Commit: a8b0561db4b9847ebfbfec20075697d5492a363c (2.34-459) Fix-Commit: ed4f16ff6bed3037266f1fa682ebd32a18fce29c (2.33-263) Fix-Commit: 682ad4c8623e611a971839990ceef00346289cc9 (2.32-140) Reported-By: Charles Fol Notes: ====== Published advisories are available directly in the project git repository: https://sourceware.org/git/?p=glibc.git;a=tree;f=advisories;hb=HEAD """
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3931b13e56d8a3fe3d2bcec3f86f1140bcb3217b commit 3931b13e56d8a3fe3d2bcec3f86f1140bcb3217b Author: Andreas K. Hüttel <dilfridge@gentoo.org> AuthorDate: 2024-04-18 00:38:17 +0000 Commit: Andreas K. Hüttel <dilfridge@gentoo.org> CommitDate: 2024-04-18 00:39:35 +0000 sys-libs/glibc: 2.38 and 2.39 revbump for CVE-2024-2961, GLIBC-SA-2024-0004 Bug: https://bugs.gentoo.org/930177 Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org> sys-libs/glibc/Manifest | 2 + sys-libs/glibc/glibc-2.38-r12.ebuild | 1724 ++++++++++++++++++++++++++++++++++ sys-libs/glibc/glibc-2.39-r3.ebuild | 1724 ++++++++++++++++++++++++++++++++++ 3 files changed, 3450 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2f55bd37a5e0c43c06a528909afb2b1e786173a3 commit 2f55bd37a5e0c43c06a528909afb2b1e786173a3 Author: Sam James <sam@gentoo.org> AuthorDate: 2024-04-18 02:42:14 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2024-04-18 02:42:14 +0000 sys-libs/glibc: keyword 2.39-r3 Bug: https://bugs.gentoo.org/930177 Signed-off-by: Sam James <sam@gentoo.org> sys-libs/glibc/glibc-2.39-r3.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c8234d44e99abfd5a655d66b63979db4ca853354 commit c8234d44e99abfd5a655d66b63979db4ca853354 Author: Sam James <sam@gentoo.org> AuthorDate: 2024-04-18 01:52:17 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2024-04-18 01:52:17 +0000 sys-libs/glibc: keyword 2.38-r12 Bug: https://bugs.gentoo.org/930177 Signed-off-by: Sam James <sam@gentoo.org> sys-libs/glibc/glibc-2.38-r12.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
