Gnu · Gnu C Library · CVE-2026-5928
**Name of the Vulnerable Software and Affected Versions**
GNU C Library versions prior to 2.44
**Description**
Calling the ungetwc() function on a FILE stream with wide characters encoded in a character set with overlaps between single-byte and multibyte character encodings can lead to an attempt to read bytes before an allocated buffer. This occurs due to a bug in the wide character pushback implementation `_IO_wdefault_pbackfail()` in libio/wgenops.c, which causes ungetwc() to use the regular character buffer `fp->_IO_read_ptr` instead of the wide-stream read pointer `fp->_wide_data->_IO_read_ptr`. This may result in a program crash if `fp->_IO_read_ptr` is NULL, or in the unintentional disclosure of neighboring data in the heap. This issue requires a specific character encoding where single-byte and multibyte representations overlap, creating spurious matches, a condition not present in standard Unicode character sets.
**Recommendations**
Update to a version newer than 2.43.
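
To confirm which side of the 2.44 boundary a process is on, the following added example (not part of the advisory or of glibc) compares the version reported by glibc's `gnu_get_libc_version()` with the fixed release stated above. The function names `parse_glibc_version`, `glibc_version_affected` and `running_glibc_affected` are this example's own.

```c
#include <stdio.h>
#include <stdlib.h>
#if defined(__GLIBC__)            /* defined by the libc headers above */
#include <gnu/libc-version.h>     /* gnu_get_libc_version() */
#endif

/* First fixed release per the advisory: versions prior to 2.44 are affected. */
#define FIXED_MAJOR 2
#define FIXED_MINOR 44

/* Parse "MAJOR.MINOR[.PATCH|-suffix]"; returns 0 on success, -1 otherwise. */
int parse_glibc_version(const char *s, long *major, long *minor)
{
    char *end;
    if (s == NULL || *s < '0' || *s > '9') return -1;
    *major = strtol(s, &end, 10);
    if (*end != '.' || end[1] < '0' || end[1] > '9') return -1;
    *minor = strtol(end + 1, &end, 10);
    /* Anything other than end of string or a suffix separator is not guessed at. */
    if (*end != '\0' && *end != '.' && *end != '-' && *end != '+') return -1;
    return 0;
}

/* 1 = inside the affected range, 0 = 2.44 or newer, -1 = cannot tell. */
int glibc_version_affected(const char *s)
{
    long major, minor;
    if (parse_glibc_version(s, &major, &minor) != 0) return -1;
    if (major != FIXED_MAJOR)
        return major < FIXED_MAJOR;
    return minor < FIXED_MINOR;   /* numeric compare, so 2.9 sorts below 2.44 */
}

/* Version of the libc this process is actually running against. */
int running_glibc_affected(void)
{
#if defined(__GLIBC__)
    return glibc_version_affected(gnu_get_libc_version());
#else
    return -1;                    /* not glibc: the advisory does not apply as written */
#endif
}

int main(void)
{
    int r = running_glibc_affected();
    puts(r == 1 ? "affected" : r == 0 ? "not affected" : "unknown");
    return r == 1;
}
```

A version comparison cannot see a fix that a distribution has backported into an older package, so an "affected" result is a prompt to check the vendor's package changelog for CVE-2026-5928.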