glibc: glibc: Denial of Service via iconv() function with specific character sets

A flaw was found in glibc, the GNU C Library. A remote attacker could exploit this vulnerability by providing specially crafted inputs using the IBM1390 or IBM1399 character sets to the iconv function. This could lead to an assertion failure, causing the application to crash and resulting in a...

RHEL 10 : glibc (RHSA-2026:20594)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:20594 advisory. The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cac...

RHEL 8 : glibc (RHSA-2026:20587)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:20587 advisory. The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cach...

ALSA-2026:20594 Moderate: glibc security update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...

ALSA-2026:20587 Moderate: glibc security update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...

Moderate: glibc security update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...

Astra Linux - уязвимость в glibc

The iconv function in the GNU C Library also known as glibc or libc6 version 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially leading to a denial of service...

Astra Linux - уязвимость в glibc

The iconv function in the GNU C Library versions 2.39 and earlier may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set. This could potentially cause an application to crash or overwrite a neighboring variable...

CLSA-2026-1779212665 php: Fix of 14 CVEs

CVE-2018-5711: fix infinite loop in gdImageCreateFromGifCtx - CVE-2018-5712: remove file name from phar stub error output XSS - CVE-2018-10545: do not set PRSETDUMPABLE in php-fpm workers by default - CVE-2018-10546: fail iconvmimedecode on invalid multibyte sequences - CVE-2018-10547: escape...

Fedora 43 : glibc (2026-4b7780802c)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-4b7780802c advisory. This update provides various security fixes. Buffer overflow in scanf %mc CVE-2026-5450 nssprintrrf buffer overreads CVE-2026-6238 nssprintrrf buffe...

Astra Linux – Vulnerability in glibc

The iconv feature in the GNU C Library also known as glibc or libc6, up to version 2.32, may have a buffer over-read issue when processing invalid multi-byte input sequences in the EUC-KR encoding...

Astra Linux – Vulnerability in glibc

The iconv program in the GNU C Library also known as glibc or libc6 version 2.31 and earlier, when invoked with multiple suffixes in the destination encoding TRANSLATE or IGNORE along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, resulting in a...

Astra Linux – Vulnerability in glibc

The iconv function in the GNU C Library also known as glibc or libc6 versions 2.32 and earlier, when processing invalid multi-byte input sequences in encodings such as IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399, fails to advance the input state properly. This can lead to an infinite loop in...

OESA-2026-2178 musl security update

musl is an implementation of the C standard library built on top of the Linux system call API, including interfaces defined in the base language standard, POSIX, and widely agreed-upon extensions. It is lightweight, fast, simple, free, and strives to be correct in the sense of standards conforman...

Fedora 44 : glibc (2026-ced72ab158)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-ced72ab158 advisory. This update provides various security fixes. Buffer overflow in scanf %mc CVE-2026-5450 nssprintrrf buffer overreads CVE-2026-6238 nssprintrrf buffe...

Amazon Linux 2 : glibc, --advisory ALAS2-2026-3272 (ALAS-2026-3272)

The version of glibc installed on the remote host is prior to 2.26-64. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3272 advisory. The iconv function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from t...

Amazon Linux 2023 : compat-libpthread-nonshared, glibc, glibc-all-langpacks (ALAS2023-2026-1622)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1622 advisory. The iconv function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely...

Important: glibc

Issue Overview: The iconv function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application. This vulnerability can be trivially mitigated by removing...

Important: glibc

Issue Overview: The iconv function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application. This vulnerability can be trivially mitigated by removing...

CLSA-2026-1777481470 glibc: Fix of CVE-2021-3326

CVE-2021-3326: fix assertion failure in iconv ISO-2022-JP-3 module...