USN-2432-1

Advisory lineage Upstream: 6 Downstream: 0

Upstream

CVE-2012-6656 CVE-2014-6040 CVE-2014-7817 UBUNTU-CVE-2012-6656 UBUNTU-CVE-2014-6040 UBUNTU-CVE-2014-7817

Published: 03 Dec 2014, 18:26

Last modified:22 Apr 2026, 09:03

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

03 Dec 2014, 18:26

Published

Vulnerability first disclosed

22 Apr 2026, 09:03

Last Modified

Vulnerability information updated

Description

eglibc, glibc vulnerabilities Siddhesh Poyarekar discovered that the GNU C Library incorrectly handled certain multibyte characters when using the iconv function. An attacker could possibly use this issue to cause applications to crash, resulting in a denial of service. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. (CVE-2012-6656) Adhemerval Zanella Netto discovered that the GNU C Library incorrectly handled certain multibyte characters when using the iconv function. An attacker could possibly use this issue to cause applications to crash, resulting in a denial of service. (CVE-2014-6040) Tim Waugh discovered that the GNU C Library incorrectly enforced the WRDE_NOCMD flag when handling the wordexp function. An attacker could possibly use this issue to execute arbitrary commands. (CVE-2014-7817)

Affected Systems

ubuntu•eglibc
< 2.19-0ubuntu6.4

USN-2432-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (4)