CVE-2024-2961

Отчет

The described vulnerability in the iconv() function of GNU C Library, particularly affecting ISO-2022-CN-EXT character set conversions, poses a important severity issue due to its potential for out-of-bound writes. Such buffer overflows can lead to arbitrary memory corruption, which can be exploited by attackers to execute arbitrary code, crash applications, or overwrite critical data structures, including neighboring variables. Given that the overflow can occur with specific, predictable values through SS2designation and SS3designation escape sequences, an attacker could craft malicious input to specifically trigger these overflows. Exploitation of this vulnerability could result in denial of service, privilege escalation, or even remote code execution, posing a significant threat to the security and integrity of affected systems.

Меры по смягчению последствий

This issue can be mitigated by removing the ISO-2022-CN-EXT from glibc-gconv-extra's modules configuration. This can be done by:

1. Verify if the module is loaded by running:

If the grep output looks like the above, ISO-2022-CN-EXT module is enabled. 2) Disabled the module by editing the file located at /usr/lib64/gconv/gconv-modules.d/gconv-modules-extra.conf and comment the following lines. For RHEL 7 the file that needs to be edited is /usr/lib64/gconv/gconv-modules. This step requires to be executed by a privileged user:

For commenting those lines just add the '#' character at the beginning of mentioned lines:

3. Update the iconv cache by running:

4. Check if the module was disabled by running the first step again. This time ISO-2022-CN-EXT should not appear in the output. Please notice that disabling the mentioned gconv module may lead applications relying in the affected module to fail in converting characters and should be used as a temporary mitigation before being able to fully update the affected package.