CVE-2019-25013

CVSS v2.0

7.1

High

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions glibc versions through 2.32

Description The issue is related to a buffer over-read in the iconv feature of the GNU C Library when processing invalid multi-byte input sequences in the EUC-KR encoding. This could potentially allow a remote attacker to cause a denial of service.

Recommendations For versions through 2.32, consider updating to a version that fixes this issue, as the current version may have a buffer over-read when processing certain input sequences in the EUC-KR encoding. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

ALSA-2021:1585

ALT-PU-2021-3034

BDU:2021-03123

CESA-2021_0348

CESA-2021_1585

CVE-2019-25013

DLA-3152-1

MGASA-2021-0053

OESA-2021-1013

OPENSUSE-SU-2021:0358-1

OPENSUSE-SU-2021_0358-1

OPENSUSE-SU-2024:10792-1

RHSA-2021:0348

RHSA-2021:1585

RHSA-2021_0348

RHSA-2021_1585

RLSA-2021:1585

SUSE-SU-2021:0608-1

SUSE-SU-2021:0653-1

SUSE-SU-2021_0608-1

SUSE-SU-2021_0653-1

SUSE-SU-2022:2886-1

SUSE-SU-2023_0579-2

SUSE-SU-2024:0759-1

SUSE-SU-2024_0759-1

USN-5310-1

USN-5768-1

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Linuxmint

Red Hat

Red Os

Rocky Linux

Suse

Ubuntu

Glibc

CVE-2019-25013

Weakness Enumeration

Related Identifiers

Affected Products

References · 149