Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, remote attackers can force iconv() to emit a spurious '\0' character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset. This may affect data integrity in certain iconv() use cases. NOTE: the vendor states "the bug cannot be invoked through user input and requires iconv to be invoked with a NULL inbuf, which ought to require a separate application bug to do so unintentionally. Hence there's no security impact to the bug.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
GNU C Library 安全漏洞
Vulnerability Description
GNU C Library(glibc,libc6)是一种按照LGPL许可协议发布的开源免费的C语言编译程序。glibc(GNU C Library)是GNU计划所实现的C标准库。 GNU C Library (又名 glibc) 2.34版本存在安全漏洞,该漏洞源于受影响版本库中iconvdata/iso-2022-jp-3.c的iconv()存在数据校验问题。远程攻击者可利用该漏洞通过精心制作的ISO-2022-JP-3数据强制iconv()发出一个虚假的0字符,并伴随着内部状态重置。在某些iconv
CVSS Information
N/A
Vulnerability Type
N/A