
Bug 521932 (CVE-2014-6040)

Summary: <sys-libs/glibc-2.20: out-of-bounds reads (CVE-2014-6040)
Product: Gentoo Security
Reporter: Agostino Sarubbo <ago>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED
Severity: normal
CC: toolchain
Priority: Normal
Version: unspecified
Hardware: All
OS: Linux
URL: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=41488498b6d9440ee66ab033808cce8323bba7ac
See Also: https://sourceware.org/bugzilla/show_bug.cgi?id=17325
Whiteboard: A3 [glsa]
Package list:
Runtime testing required: ---
Bug Depends on: 516884, 544034    
Bug Blocks:    

Description Agostino Sarubbo gentoo-dev 2014-09-02 08:14:16 UTC
From ${URL} :

Today, Adhemerval Zanella Netto reported in additional code page 
decoding functions (IBM933, IBM935, IBM937, IBM939, IBM1364):

<https://sourceware.org/bugzilla/show_bug.cgi?id=17325>
<https://sourceware.org/ml/libc-alpha/2014-08/msg00473.html>

Upstream commit is still pending.

These crashers are out-of-bounds reads at a fixed offset relative to the 
data segment of a DSO, and in all cases I've seen, they were right in 
the middle of an unmapped segment of the same DSO.  This means that 
these bugs are just crashers, but they can still result in 
denial-of-service conditions.



@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 2 Yury German Gentoo Infrastructure gentoo-dev 2014-09-09 23:15:23 UTC
From Upstream:
"08 September 2014
The GNU C Library version 2.20 is now available"
https://sourceware.org/ml/libc-alpha/2014-09/msg00088.html

Maintainer(s): after the bump please let us know when the ebuild is ready for stabilization.
Comment 3 GLSAMaker/CVETool Bot gentoo-dev 2015-01-11 20:50:37 UTC
CVE-2014-6040 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6040):
  GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to
  cause a denial of service (out-of-bounds read and crash) via a multibyte
  character value of "0xffff" to the iconv function when converting (1)
  IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to
  UTF-8.
Comment 4 Yury German Gentoo Infrastructure gentoo-dev 2015-03-03 04:03:25 UTC
Setting to blocker Bug #516884 (for glibc-2.20)
Comment 5 GLSAMaker/CVETool Bot gentoo-dev 2016-02-17 15:37:57 UTC
This issue was resolved and addressed in
 GLSA 201602-02 at https://security.gentoo.org/glsa/201602-02
by GLSA coordinator Tobias Heinlein (keytoaster).