Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

Severity: 7.3 HIGH
EPSS: 92.2% (top 0.29%)
CISA KEV: Not in KEV
Exploit: PoC available (public exploit / PoC exists)
Timeline: Published Apr 17; latest update Oct 3

Description

The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
Exploitability: 2.5 | Impact: 4.7

Affected Packages (3 packages)

Source | Package | Affected versions
CVEListV5 | the_gnu_c_library/glibc | 2.1.93 to 2.40
NVD | gnu/glibc | 2.1.93 to 2.40
Debian | glibc | < 2.31-13+deb11u9+3

Also affects: Debian Linux 10.0

🔴 Vulnerability Details (5)

GHSA: matrix-sdk-crypto contains a log exposure of private key of the server-side key backup (2024-05-13)
OSV: CVE-2024-2961: The iconv() function in the GNU C Library versions 2 (2024-04-17)
CVEList: CVE-2024-2961: The iconv() function in the GNU C Library versions 2 (2024-04-17)
GHSA: GHSA-22q4-f5r6-3xqw: The iconv() function in the GNU C Library versions 2 (2024-04-17)
VulnCheck: GNU C Library iconv() Function Vulnerability (2024)

💥 Exploits & PoCs (2)

Nuclei: PHP - LFR to Remote Code Execution
Metasploit: CosmicSting: Magento Arbitrary File Read (CVE-2024-34102) + PHP Buffer Overflow in the iconv() function of glibc (CVE-2024-2961)

🔍 Detection Rules (1)

Suricata: ET EXPLOIT glibc iconv Abitrary File Read RCE (CVE-2024-2961) (2024-10-03)

📋 Vendor Advisories (6)

Oracle: Oracle Communications Risk Matrix: Signaling (glibc) — CVE-2024-2961 (2024-07-15)
Ubuntu: GNU C Library vulnerabilities (2024-05-02)
Ubuntu: GNU C Library vulnerability (2024-04-29)
Ubuntu: GNU C Library vulnerability (2024-04-18)
Red Hat: glibc: Out of bounds write in iconv may lead to remote code execution (2024-04-17)

🕵️ Threat Intelligence (1)

Bleepingcomputer: Over 4,000 Adobe Commerce, Magento shops hacked in CosmicSting attacks (2024-10-03)
CVE-2024-2961 (HIGH CVSS 7.3) | The iconv() function in the GNU C L | cvebase.io