Description

The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable.

INFO

Published Date :

2024-04-17T17:27:40.541Z

Last Modified :

2025-10-30T03:55:59.233Z

Source :

glibc
AFFECTED PRODUCTS

The following products are affected by CVE-2024-2961 vulnerability.

Vendors Products
Debian
  • Debian Linux
Gnu
  • Glibc
Netapp
  • Active Iq Unified Manager
  • Hci Compute Node
  • Hci H300s
  • Hci H300s Firmware
  • Hci H410c
  • Hci H410c Firmware
  • Hci H410s
  • Hci H410s Firmware
  • Hci H500s
  • Hci H500s Firmware
  • Hci H610c
  • Hci H610c Firmware
  • Hci H610s
  • Hci H610s Firmware
  • Hci H615c
  • Hci H615c Firmware
  • Hci H700s
  • Hci H700s Firmware
  • Ontap Select Deploy Administration Utility
Redhat
  • Enterprise Linux
  • Openshift
  • Rhel Aus
  • Rhel E4s
  • Rhel Eus
  • Rhel Tus
  • Rhev Hypervisor
  • Service Interconnect
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-2961.

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact