The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Glibc | Gnu | * | 2.32 (including) |
Red Hat Enterprise Linux 8 | RedHat | glibc-0:2.28-151.el8 | * |
Red Hat Enterprise Linux 8 | RedHat | glibc-0:2.28-151.el8 | * |
Eglibc | Ubuntu | esm-infra-legacy/trusty | * |
Eglibc | Ubuntu | precise/esm | * |
Eglibc | Ubuntu | trusty | * |
Eglibc | Ubuntu | trusty/esm | * |
Glibc | Ubuntu | bionic | * |
Glibc | Ubuntu | esm-infra/xenial | * |
Glibc | Ubuntu | focal | * |
Glibc | Ubuntu | groovy | * |
Glibc | Ubuntu | trusty | * |
Glibc | Ubuntu | upstream | * |
Glibc | Ubuntu | xenial | * |