The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.

References

openwall.com/lists/oss-security/2017/03/01/10

www.securityfocus.com/bid/96525

lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E

lists.debian.org/debian-lts-announce/2022/10/msg00021.html

security.gentoo.org/glsa/202101-20

sourceware.org/bugzilla/show_bug.cgi?id=19519

sourceware.org/bugzilla/show_bug.cgi?id=19519#c21

sourceware.org/bugzilla/show_bug.cgi?id=26224

www.oracle.com/security-alerts/cpuapr2022.html

ubuntucve 2

prion 2

ibm 5

redhatcve 1

openvas 19

nessus 33

nvd 2

suse 1

mageia 1

redos 16

f5 2

osv 7

cve 2

debiancve 2

cvelist 1

fedora 1

amazon 1

ubuntu 2

rocky 1

oraclelinux 3

redhat 15

gentoo 1

almalinux 1

altlinux 1

hackerone 1

cloudfoundry 1

debian 1

rosalinux 1

ics 2

avleonov 1

ubuntucve

CVE-2016-10228

2017-03-02 00:00:00

CVE-2020-27618

2021-02-26 00:00:00

prion

Input validation

2017-03-02 01:59:00

Input validation

2021-02-26 23:15:00

ibm

Security Bulletin: Vulnerability in glibc affects Intel® Manycore Platform Software Stack (Intel® MPSS) for Linux and Windows (CVE-2016-10228)

2019-01-31 02:25:02

Security Bulletin: Multiple Security Vulnerabilities fixed in IBM Security Verify Access

2022-01-07 00:24:27

Security Bulletin: Vyatta 5600 vRouter Software Patches - Release 1801-za

2019-07-25 15:25:01

redhatcve

CVE-2016-10228

2017-03-02 09:18:08

openvas

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2019-1648)

2020-01-23 00:00:00

SUSE: Security Advisory (SUSE-SU-2021:3830-1)

2021-12-02 00:00:00

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2021-2216)

2021-07-19 00:00:00

nessus

EulerOS 2.0 SP5 : glibc (EulerOS-SA-2021-2216)

2021-07-16 00:00:00

EulerOS 2.0 SP8 : glibc (EulerOS-SA-2019-1648)

2019-06-27 00:00:00

SUSE SLED15 / SLES15 Security Update : glibc (SUSE-SU-2021:3830-1)

2021-12-02 00:00:00

nvd

CVE-2016-10228

2017-03-02 01:59:00

CVE-2020-27618

2021-02-26 23:15:11

suse

Security update for glibc (moderate)

2021-12-10 00:00:00

mageia

Updated glibc packages fix a security vulnerability

2021-06-29 00:16:35

redos

ROS-20231020-10

2023-10-20 00:00:00

ROS-2-796

2021-09-08 00:00:00

ROS-2-466

2021-09-08 00:00:00

K52494142: GNU C Library (glibc) vulnerability CVE-2016-10228

2021-07-02 00:00:00

K08641512 : glibc vulnerability CVE-2020-27618

2021-07-13 00:00:00

osv

CVE-2016-10228

2017-03-02 01:59:00

CVE-2020-27618

2021-02-26 23:15:11

glibc vulnerabilities

2022-12-08 13:17:39

cve

CVE-2016-10228

2017-03-02 01:59:00

CVE-2020-27618

2021-02-26 23:15:11

debiancve

CVE-2016-10228

2017-03-02 01:59:00

CVE-2020-27618

2021-02-26 23:15:11

cvelist

CVE-2020-27618

2021-02-26 00:00:00

fedora

[SECURITY] Fedora 32 Update: glibc-2.31-5.fc32

2021-01-20 01:28:29

amazon

Important: glibc

2021-02-19 01:17:00

ubuntu

GNU C Library vulnerabilities

2022-12-08 00:00:00

GNU C Library vulnerabilities

2022-03-01 00:00:00

rocky

glibc security, bug fix, and enhancement update

2021-05-18 05:35:07

oraclelinux

glibc security, bug fix, and enhancement update

2021-05-25 00:00:00

glibc security update

2021-06-04 00:00:00

glibc security update

2021-07-02 00:00:00

redhat

(RHSA-2021:1585) Moderate: glibc security, bug fix, and enhancement update

2021-05-18 05:35:07

(RHSA-2021:2705) Moderate: Release of OpenShift Serverless 1.16.0

2021-07-13 16:31:04

(RHSA-2021:2130) Moderate: Windows Container Support for Red Hat OpenShift 2.0.1 security and bug fix update

2021-06-23 05:30:08

gentoo

glibc: Multiple vulnerabilities

2021-01-25 00:00:00

almalinux

Moderate: glibc security, bug fix, and enhancement update

2021-05-18 05:35:07

altlinux

Security fix for the ALT Linux 9 package glibc version 6:2.27-alt14

2021-09-23 00:00:00

hackerone

GitLab: Container scanning and Dependency scanning report leaked to unauthorized users

2019-08-19 22:30:30

cloudfoundry

USN-5310-1: GNU C Library vulnerabilities | Cloud Foundry

2023-05-18 00:00:00

debian

[SECURITY] [DLA 3152-1] glibc security update

2022-10-17 15:54:41

rosalinux

Advisory ROSA-SA-2021-1844

2021-07-02 16:56:21

ics

Siemens SIMATIC S7-1500 TM MFP BIOS

2023-06-15 12:00:00

Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1

2023-12-14 12:00:00

avleonov

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

2022-12-30 18:03:13

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

6.5 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.2%

JSON

Related for CVELIST:CVE-2016-10228