Document Type | Troubleshooting
Category | Security
Applicable Product Versions | 6FS07PS, 7FS02PS
Document Number | TSETS001
Issue
This document describes the security vulnerability ‘CVE-2024-2981’ in the GNU C Library (hereafter glibc), a fundamental component of Linux-based operating systems, and its impact on Tibero.
Cause
The issue arises from the iconv() function in glibc when processing the ISO-2022-CN-EXT Chinese character set, which is an extended version that can include more characters than the standard ISO-2022-CN.
This leads to a security vulnerability.
Solutions
Remove ISO-2022-CN-EXT from the module configuration of glibc-gconv-extra.
Note: For detailed resolution steps, please refer to the following Red Hat security document.
Caution: Once ISO-2022-CN-EXT is removed from the glibc-gconv-extra module configuration, applications that use this encoding will no longer be able to recognize or process it. Therefore, it is necessary to check in advance whether documents or data containing specific Chinese characters are used.
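The removal step above, sketched as an added example that is not part of this document or of the referenced Red Hat document. It assumes the configuration uses the gconv-modules `alias`/`module` line format; the function names are hypothetical, the sample file is constructed, and the real file path is left to the caller.

```shell
#!/bin/sh
# Added example: comment out ISO-2022-CN-EXT in a gconv module configuration file.
# Function names are hypothetical; the path of the real file is supplied by the caller.

# Exit 0 if the file still has an active alias/module line naming the charset.
cn_ext_enabled() {
    grep -Eq '^[[:space:]]*(alias|module)[[:space:]].*ISO-2022-CN-EXT' "$1"
}

# Comment out every active line naming ISO-2022-CN-EXT.
# Plain ISO-2022-CN lines are left alone; a backup is kept at <file>.bak.
disable_cn_ext() {
    conf=$1
    cn_ext_enabled "$conf" || return 0      # already disabled: do nothing
    cp -p "$conf" "$conf.bak" || return 1
    sed -E '/^[[:space:]]*(alias|module)[[:space:]].*ISO-2022-CN-EXT/ s/^/#/' \
        "$conf.bak" > "$conf"
}

# Constructed sample in gconv-modules format (not copied from a real system).
make_sample() {
    {
        printf '#\tfrom\tto\tmodule\tcost\n'
        printf 'alias\tISO2022CN//\tISO-2022-CN//\n'
        printf 'module\tISO-2022-CN//\tINTERNAL\tISO-2022-CN\t1\n'
        printf 'alias\tISO2022CNEXT//\tISO-2022-CN-EXT//\n'
        printf 'module\tISO-2022-CN-EXT//\tINTERNAL\tISO-2022-CN-EXT\t1\n'
        printf 'module\tINTERNAL\tISO-2022-CN-EXT//\tISO-2022-CN-EXT\t1\n'
    } > "$1"
}

# Demonstration on a temporary copy only; no system file is touched.
demo=$(mktemp)
make_sample "$demo"
disable_cn_ext "$demo"
cat "$demo"
rm -f "$demo" "$demo.bak"
```

On a real host, the gconv cache is rebuilt with `iconvconfig` after the edit, and `iconv -l` can be used before and after to confirm whether the charset is still listed.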
[Impact on Tibero]
The Tibero server does not use glibc's iconv when converting charsets, and ISO-2022-CN-EXT is not used as a charset within the server, so removing this encoding does not affect Tibero. (The client uses the same function as the server for charset conversion.)