CVSS2: AV:N/AC:L/Au:N/C:N/I:N/A:P (Attack Vector: NETWORK, Attack Complexity: LOW, Authentication: NONE, Confidentiality Impact: NONE, Integrity Impact: NONE, Availability Impact: PARTIAL)
AI Score Confidence: High
EPSS Percentile: 87.0%
Package : eglibc
Version : 2.11.3-4+deb6u2
CVE ID : CVE-2012-6656 CVE-2014-6040 CVE-2014-7817
CVE-2012-6656
Fix validation check when converting from ibm930 to utf.
When converting IBM930 code with iconv(), if IBM930 input that
includes the invalid multibyte character 0xffff is specified, then
iconv() segfaults.
CVE-2014-6040
Crashes on invalid input in IBM gconv modules [BZ #17325]
These changes are based on the fix for BZ #14134 in commit
6e230d11837f3ae7b375ea69d7905f0d18eb79e5.
CVE-2014-7817
The function wordexp() fails to properly handle the WRDE_NOCMD
flag when processing arithmetic inputs in the form of "$((... ``))"
where "..." can be anything valid. The backticks in the arithmetic
expression are evaluated in a shell even if WRDE_NOCMD forbade
command substitution. This allows an attacker to attempt to pass
dangerous commands via constructs of the above form, and bypass
the WRDE_NOCMD flag. This patch fixes this by checking for WRDE_NOCMD
in exec_comm(), the only place that can execute a shell. All other
checks for WRDE_NOCMD are superfluous and removed.
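A defender-side probe for the wordexp() flaw described above, added here as an example and not part of the Debian advisory or of glibc itself: it calls wordexp() with WRDE_NOCMD on a constructed input of the "$((... ``))" shape and reports whether the installed libc refuses the nested command substitution (a fixed libc returns WRDE_CMDSUB), alongside a plain arithmetic expansion that must still succeed. The command inside the backticks is the harmless `true`.

```c
#include <stdio.h>
#include <string.h>
#include <wordexp.h>

/* Expand WORDS with WRDE_NOCMD set and return wordexp()'s status
 * (0 on success, WRDE_CMDSUB when command substitution was refused).
 * On success the first expanded word is copied into OUT. */
static int expand_nocmd(const char *words, char *out, size_t outlen)
{
    wordexp_t we;
    memset(&we, 0, sizeof we);
    int rc = wordexp(words, &we, WRDE_NOCMD);
    if (rc == 0) {
        snprintf(out, outlen, "%s", we.we_wordc > 0 ? we.we_wordv[0] : "");
        wordfree(&we);
    } else {
        out[0] = '\0';
    }
    return rc;
}

/* Plain arithmetic must still expand under WRDE_NOCMD: "$((40+2))" -> "42". */
int arith_without_cmdsub_ok(void)
{
    char buf[32];
    return expand_nocmd("$((40+2))", buf, sizeof buf) == 0
           && strcmp(buf, "42") == 0;
}

/* Returns 1 when the libc refuses a backtick nested inside "$(( ))"
 * under WRDE_NOCMD (fixed libc), 0 when it expands it anyway, which is
 * the CVE-2014-7817 behaviour.  The nested command is the harmless `true`. */
int nocmd_enforced_in_arith(void)
{
    char buf[32];
    /* constructed input in the shape the advisory describes */
    return expand_nocmd("$((`true`+1))", buf, sizeof buf) == WRDE_CMDSUB;
}

int main(void)
{
    int fixed = nocmd_enforced_in_arith();
    printf("arithmetic expansion works:    %s\n",
           arith_without_cmdsub_ok() ? "yes" : "no");
    printf("WRDE_NOCMD enforced in $(( )): %s (CVE-2014-7817 %s)\n",
           fixed ? "yes" : "no", fixed ? "fixed" : "NOT fixed");
    return fixed ? 0 : 1;
}
```

Build with `cc -o wordexp_check wordexp_check.c`; a non-zero exit status means the libc still evaluates the nested backticks.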
OS | OS version | Architecture | Package | Vulnerable version | Fixed package file |
---|---|---|---|---|---|
Debian | 7 | powerpc | libc6-ppc64 | < 2.13-38+deb7u7 | libc6-ppc64_2.13-38+deb7u7_powerpc.deb |
Debian | 7 | ia64 | libc-dev-bin | < 2.13-38+deb7u7 | libc-dev-bin_2.13-38+deb7u7_ia64.deb |
Debian | 7 | sparc | libc6 | < 2.13-38+deb7u7 | libc6_2.13-38+deb7u7_sparc.deb |
Debian | 7 | mips | libc-dev-bin | < 2.13-38+deb7u7 | libc-dev-bin_2.13-38+deb7u7_mips.deb |
Debian | 6 | i386 | libc-bin | < 2.11.3-4+deb6u2 | libc-bin_2.11.3-4+deb6u2_i386.deb |
Debian | 7 | s390x | libc6-dbg | < 2.13-38+deb7u7 | libc6-dbg_2.13-38+deb7u7_s390x.deb |
Debian | 7 | all | eglibc-source | < 2.13-38+deb7u7 | eglibc-source_2.13-38+deb7u7_all.deb |
Debian | 7 | armhf | locales-all | < 2.13-38+deb7u7 | locales-all_2.13-38+deb7u7_armhf.deb |
Debian | 6 | i386 | libc6-prof | < 2.11.3-4+deb6u2 | libc6-prof_2.11.3-4+deb6u2_i386.deb |
Debian | 7 | s390 | libc6-dev | < 2.13-38+deb7u7 | libc6-dev_2.13-38+deb7u7_s390.deb |