CVE-2014-6040

Priority
Description
GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to
cause a denial of service (out-of-bounds read and crash) via a multibyte
character value of "0xffff" to the iconv function when converting (1)
IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to
UTF-8.
References
Bugs
Assigned-to
mdeslaur
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):released (2.19-0ubuntu6.4)
Package
Source: glibc (LP Ubuntu Debian)
Upstream:released (2.20)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Patches:
Upstream:https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=41488498b6d9440ee66ab033808cce8323bba7ac
More Information

Updated: 2018-09-26 07:04:57 UTC (commit 2c85db1cbbe986be0a0659e41e8f961058e5adca)