cbcvebase.
CVE-2019-5600
published 2019-07-03

CVE-2019-5600: In FreeBSD 12.0-STABLE before r349622, 12.0-RELEASE before 12.0-RELEASE-p7, 11.3-PRERELEASE before r349624, 11.3-RC3 before 11.3-RC3-p1, and 11.2-RELEASE…

PriorityP260critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
4.86%
90.9th percentile
In FreeBSD 12.0-STABLE before r349622, 12.0-RELEASE before 12.0-RELEASE-p7, 11.3-PRERELEASE before r349624, 11.3-RC3 before 11.3-RC3-p1, and 11.2-RELEASE before 11.2-RELEASE-p11, a bug in iconv implementation may allow an attacker to write past the end of an output buffer. Depending on the implementation, an attacker may be able to create a denial of service, provoke incorrect program behavior, or induce a remote code execution.

Affected

4 ranges
VendorProductVersion rangeFixed in
freebsdfreebsd
freebsdfreebsd
freebsdfreebsd
freebsdfreebsd

Detection & IOCsextracted from sources · hover to see the quote

urlhttps://security.FreeBSD.org/patches/SA-19:09/iconv.patch
urlhttps://security.FreeBSD.org/patches/SA-19:09/iconv.patch.asc
  • The vulnerability resides in the iconv(3) implementation within FreeBSD libc. Monitor for out-of-bounds write conditions triggered by iconv calls, particularly in daemons or applications processing attacker-controlled character encoding conversions.
  • Stack canaries (-fstack-protector) are enabled by default on FreeBSD and provide partial defense against code injection via this vulnerability, but do NOT prevent denial-of-service exploitation. Detection of crashes or abnormal termination in iconv-using daemons may indicate exploitation attempts.
  • Identify vulnerable FreeBSD versions in scope: 12.0-STABLE before r349622, 12.0-RELEASE before 12.0-RELEASE-p7, 11.3-PRERELEASE before r349624, 11.3-RC3 before 11.3-RC3-p1, and 11.2-RELEASE before 11.2-RELEASE-p11.
  • ·No workaround is available for this vulnerability. The only mitigation is patching to a corrected FreeBSD version or revision.
  • ·The exploitability and attack surface depend entirely on how iconv is used by individual applications or daemons on the system; there is no single universal attack vector.

CVSS provenance

nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vendor_cisco7.4HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.