CVE-2014-5119 glibc __gconv_translit_find() exploit
Severity
Important
Vendor
Canonical Ubuntu
Versions Affected
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS
Description
Certain applications could be made to crash or run programs as an administrator.
Off-by-one error in the __gconv_translit_find function in gconv_trans.c in GNU C Library (aka glibc) allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via vectors related to the CHARSET environment variable and gconv transliteration modules.
Affected VMware Products and Versions
Severity is important unless otherwise noted.
- Cloud Foundry Runtime Deployments prior to v183 with BOSH Ubuntu stemcells prior to 2710
- Pivotal CF 1.1.0.0 to 1.2.x
Mitigation
Users of affected versions should apply the following mitigation:
- The Cloud Foundry Project recommends that Cloud Foundry Runtime Deployments running Release v182 or earlier upgrade to v183 or later and BOSH Ubuntu stemcell 2710 or later, which resolves this vulnerability.
- The Pivotal CF Elastic Runtime 1.3 release will include Ubuntu stemcell version 2682.2, which resolves this vulnerability. Pivotal recommends that operators upgrade existing deployments to that version upon release.
Credit
This issue was discovered by Tavis Ormandy and John Haxby.
References
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-5119
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5119
- http://googleprojectzero.blogspot.com/2014/08/the-poisoned-nul-byte-2014-edition.html
History
2014-Sep-19: Initial vulnerability report published.