Lucene search

K
f5F5F5:K08641512
HistoryJul 13, 2021 - 12:00 a.m.

K08641512 : glibc vulnerability CVE-2020-27618

2021-07-1300:00:00
my.f5.com
30

7.3 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.2%

Security Advisory Description

The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228. (CVE-2020-27618)

Impact

When the infinite loop can be influenced by an attacker, this weakness could allow attackers to consume excessive resources such as CPU or memory resulting in a denial of service (DoS).