Wind River Support Network

HomeDefectsLIN1021-1946
Fixed

LIN1021-1946 : Security Advisory - glibc - CVE-2021-43396

Created: Nov 4, 2021    Updated: Mar 17, 2022
Resolved Date: Mar 17, 2022
Found In Version: 10.21.20.1
Fix Version: 10.21.20.11
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Toolchain

Description

In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, remote attackers can force iconv() to emit a spurious '\0' character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset. This may affect data integrity in certain iconv() use cases.

CREATE(Triage):(User=admin) CVE-2021-43396 (https://nvd.nist.gov/vuln/detail/CVE-2021-43396)

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube