PT-2024-2991 · Gnu+10 · Gnu C Library+10

Charles Fol · Published 2022-03-15 · Updated 2026-03-10

CVE-2024-2961

CVSS v2.0: 9.0 (High)
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
The vulnerable software is the GNU C Library (glibc), versions 2.39 and older, specifically the iconv() function when it converts strings to the ISO-2022-CN-EXT character set. The vulnerability can be exploited through PHP-based web applications.
The vulnerability is a buffer overflow in iconv(), which can be used to crash an application or overwrite a neighboring variable, potentially allowing remote code execution (RCE). It is tracked as CVE-2024-2961.
A public exploit is available, and it has been demonstrated to achieve RCE on PHP-based web applications, including Roundcube. The vulnerability is triggered by passing a specially crafted string to iconv(), which causes the buffer overflow and can let an attacker execute arbitrary code.
Users are advised to upgrade glibc to a version that is not vulnerable. Some Linux distributions, such as Rocky Linux, have already released patches for this vulnerability.
The number of Internet users who could be affected is not specified, but many PHP-based web applications are likely vulnerable, since glibc is so widely used.
#CVE-2024-2961 #glibc #iconv #bufferoverflow #RCE #PHP #vulnerability #exploit #Linux #Roundcube #GNUCLibrary

Exploit · Fix · RCE · DoS · Memory Corruption

Weakness Enumeration

Related Identifiers

ALSA-2022_0896
ALSA-2024:2722
ALSA-2024:3269
ALSA-2024:3339
ALSA-2024_2722
ALSA-2024_3269
ALSA-2024_3339
ALSA-2024_3344
ALT-PU-2024-6976
ALT-PU-2024-7271
ALT-PU-2024-7402
ALT-PU-2025-1863
BDU:2024-03171
CESA-2024_2722
CESA-2024_3269
CVE-2024-2961
DLA-3807-1
DSA-5673-1
ELSA-2024-2722
ELSA-2024-3269
ELSA-2024-3339
ELSA-2024-3588
INFSA-2024_3269
INFSA-2024_3339
MGASA-2024-0147
MGASA-2025-0023
OESA-2024-1843
OESA-2024-1844
OESA-2024-1845
OPENSUSE-SU-2024:13877-1
OPENSUSE-SU-2024_1375-1
OPENSUSE-SU-2025:0081-1
OPENSUSE-SU-2025:14688-1
RHSA-2024:2722
RHSA-2024:2799
RHSA-2024:3269
RHSA-2024:3309
RHSA-2024:3312
RHSA-2024:3339
RHSA-2024:3411
RHSA-2024:3423
RHSA-2024:3464
RHSA-2024:3588
RHSA-2024_2722
RHSA-2024_3269
RHSA-2024_3339
RHSA-2024_3588
RLSA-2024:2722
RLSA-2024:3269
RLSA-2024:3339
RLSA-2024_2722
RLSA-2024_3269
RLSA-2024_3339
SUSE-SU-2024:1375-1
SUSE-SU-2024:1675-1
SUSE-SU-2024:1728-1
SUSE-SU-2024:1805-1
SUSE-SU-2024:1977-1
SUSE-SU-2024_1375-1
SUSE-SU-2024_1675-1
SUSE-SU-2024_1728-1
SUSE-SU-2024_1977-1
SUSE-SU-2025:20038-1
USN-6737-1
USN-6737-2
USN-6762-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Gnu C Library
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu