CVE-2024-2961: The GNU C Library security advisories update for 2024-04-17: GLIBC-SA-2024-0004/CVE-2024-2961: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence
First published: Thu Apr 04 2024(Updated: )
GNU C Library could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write in the ISO-2022-CN-EXT plugin. By sending specially crafted input, an attacker could exploit this vulnerability to overwrite critical data structures and execute arbitrary code on the system or cause the application to crash.
Credit: 3ff69d7a-14f2-4f67-a097-88dee7810d18 3ff69d7a-14f2-4f67-a097-88dee7810d18
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Security Verify Governance, Identity Manager software component | <=ISVG 10.0.2 | |
| IBM Security Verify Governance, Identity Manager virtual appliance component | <=ISVG 10.0.2 | |
| debian/glibc | 2.31-13+deb11u11 2.31-13+deb11u10 2.36-9+deb12u9 2.36-9+deb12u7 2.40-6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.bleepingcomputer.com/news/security/cosmicsting-flaw-impacts-75-percent-of-adobe-commerce-magento-sites/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YAMJQI3Y6BHWV3CUTYBXOZONCUJNOB2Z/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3I4KYS6EU6S7QZ47WFNTPVAHFIUQNEL/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BTJFBGHDYG5PEIFD5WSSSKSFZ2AZWC5N/
- https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0004
- https://lists.debian.org/debian-lts-announce/2024/05/msg00001.html
- http://www.openwall.com/lists/oss-security/2024/04/17/9
- http://www.openwall.com/lists/oss-security/2024/04/18/4
- http://www.openwall.com/lists/oss-security/2024/04/24/2
- https://security.netapp.com/advisory/ntap-20240531-0002/
- http://www.openwall.com/lists/oss-security/2024/05/27/1
- http://www.openwall.com/lists/oss-security/2024/05/27/2
- http://www.openwall.com/lists/oss-security/2024/05/27/3
- http://www.openwall.com/lists/oss-security/2024/05/27/4
- http://www.openwall.com/lists/oss-security/2024/05/27/5
- http://www.openwall.com/lists/oss-security/2024/05/27/6
- https://launchpad.net/bugs/cve/CVE-2024-2961
- http://www.openwall.com/lists/oss-security/2024/07/22/5
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2961
- https://nvd.nist.gov/vuln/detail/CVE-2024-2961
- https://security-tracker.debian.org/tracker/CVE-2024-2961
- https://ubuntu.com/security/CVE-2024-2961
- https://www.theregister.com/2024/10/04/cisco_ray_ban_whirpool_cosmicsting_hack/
- https://www.bleepingcomputer.com/news/security/over-4-000-adobe-commerce-magento-shops-hacked-in-cosmicsting-attacks/
- https://www.ambionics.io/blog/iconv-cve-2024-2961-p1
- https://www.ambionics.io/blog/iconv-cve-2024-2961-p2
- https://www.ambionics.io/blog/iconv-cve-2024-2961-p3
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2275855
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2275933
- https://access.redhat.com/errata/RHSA-2024:2722
- https://access.redhat.com/errata/RHSA-2024:2799
- https://access.redhat.com/errata/RHSA-2024:3269
- https://access.redhat.com/errata/RHSA-2024:3309
- https://access.redhat.com/errata/RHSA-2024:3312
- https://access.redhat.com/errata/RHSA-2024:3339
- https://access.redhat.com/errata/RHSA-2024:3423
- https://access.redhat.com/errata/RHSA-2024:3411
- https://access.redhat.com/errata/RHSA-2024:3464
- https://access.redhat.com/errata/RHSA-2024:3588
- https://access.redhat.com/errata/RHSA-2024:7590
- https://access.redhat.com/errata/RHSA-2024:7599
- https://access.redhat.com/errata/RHSA-2024:7594
- https://access.redhat.com/errata/RHSA-2024:7939
- https://access.redhat.com/errata/RHSA-2024:8235
- https://bugzilla.redhat.com/show_bug.cgi?id=2273404
- https://www.openwall.com/lists/oss-security/2024/04/17/9
- https://www.openwall.com/lists/oss-security/2024/04/18/4
- https://sourceware.org/git?p=glibc.git;a=commit;h=755104edc75c53f4a0e7440334e944ad3c6b32fc
- https://sourceware.org/git?p=glibc.git;a=commit;h=f9dc609e06b1136bb0408be9605ce7973a767ada
- https://github.com/ambionics/cnext-exploits/
- https://www.ibm.com/support/pages/node/7172423 (Advisory)
Frequently Asked Questions
What is the severity of CVE-2024-2961?
CVE-2024-2961 is considered a critical vulnerability due to its potential for remote code execution.
How can CVE-2024-2961 be exploited?
CVE-2024-2961 can be exploited by sending specially crafted input to the affected system, causing an out-of-bounds write.
What software is affected by CVE-2024-2961?
CVE-2024-2961 affects IBM Security Verify Governance, Identity Manager software and its virtual appliance, as well as specific versions of the glibc package in Debian.
How do I fix CVE-2024-2961?
To fix CVE-2024-2961, update to the latest patched versions of affected software and libraries as specified by your vendor.
Is there a workaround for CVE-2024-2961 until a patch is applied?
Currently, there is no publicly documented workaround for CVE-2024-2961; applying the patch is strongly recommended.
- agent/weakness
- agent/type
- collector/oss-sec
- source/oss-sec
- alias/CVE-2024-2961
- agent/title
- agent/author
- agent/remedy
- agent/first-publish-date
- collector/bleeping-computer
- source/BleepingComputer
- alias/CVE-2024-34102
- collector/launchpad-cve
- source/Launchpad
- collector/nvd-api
- source/NVD
- agent/severity
- collector/usn-cve
- source/Ubuntu
- agent/description
- collector/the-register
- source/The Register
- collector/mitre-cve
- source/MITRE
- collector/nvd-cve
- collector/redhat-bugzilla
- source/Red Hat
- agent/last-modified-date
- agent/source
- collector/ibm-support
- source/IBM
- agent/software-canonical-lookup
- agent/references
- agent/softwarecombine
- agent/tags
- agent/trending
- agent/event
- collector/security-tracker-debian
- source/Debian
- vendor/ibm
- canonical/ibm security verify governance, identity manager software component
- version/ibm security verify governance, identity manager software component/isvg 10.0.2
- canonical/ibm security verify governance, identity manager virtual appliance component
- version/ibm security verify governance, identity manager virtual appliance component/isvg 10.0.2
- package-manager/debian