Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2014-5119

Published: 26 August 2014

Off-by-one error in the __gconv_translit_find function in gconv_trans.c in GNU C Library (aka glibc) allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via vectors related to the CHARSET environment variable and gconv transliteration modules.

Notes

AuthorNote
jdstrand
per researcher (Chris Evans), a path with an even number of
characters to the gconv/ directory makes his exploit harmless. This happens
to be true on Ubuntu with multiarch on 12.04 LTS and higher on amd64 and
i386. Ubuntu 10.04 LTS and armhf on all supported releases has an odd path
length. There are likely other ways to exploit on Ubuntu.
eglibc on 14.10 exists but is scheduled to be removed
the severity was bumped from medium to high once additional research
was revealed on 2014-08-26 (marked PublicDateAtUSN accordingly). There are no
known active exploits against Ubuntu as of 2014-08-28, but they will likely
be available soon.

Priority

High

Status

Package Release Status
eglibc
Launchpad, Ubuntu, Debian
upstream Needed

lucid
Released (2.11.1-0ubuntu7.16)
precise
Released (2.15-0ubuntu10.7)
trusty
Released (2.19-0ubuntu6.3)
glibc
Launchpad, Ubuntu, Debian
upstream Needed

lucid Does not exist

precise Does not exist

trusty Does not exist

Patches:
upstream: https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=patch;h=a1a6a401ab0a3c9f15fb7eaebbdcee24192254e8