Tuesday, March 2, 2021

SUSE: CVE-2020-27618: SUSE Linux Security Advisory

Description
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.
Solution(s)
  • suse-upgrade-glibc
  • suse-upgrade-glibc-32bit
  • suse-upgrade-glibc-32bit-debuginfo
  • suse-upgrade-glibc-debuginfo
  • suse-upgrade-glibc-debugsource
  • suse-upgrade-glibc-devel
  • suse-upgrade-glibc-devel-32bit
  • suse-upgrade-glibc-devel-32bit-debuginfo
  • suse-upgrade-glibc-devel-debuginfo
  • suse-upgrade-glibc-devel-static
  • suse-upgrade-glibc-devel-static-32bit
  • suse-upgrade-glibc-extra
  • suse-upgrade-glibc-extra-debuginfo
  • suse-upgrade-glibc-html
  • suse-upgrade-glibc-i18ndata
  • suse-upgrade-glibc-info
  • suse-upgrade-glibc-locale
  • suse-upgrade-glibc-locale-base
  • suse-upgrade-glibc-locale-base-32bit
  • suse-upgrade-glibc-locale-base-32bit-debuginfo
  • suse-upgrade-glibc-locale-base-debuginfo
  • suse-upgrade-glibc-profile
  • suse-upgrade-glibc-profile-32bit
  • suse-upgrade-glibc-testsuite-src
  • suse-upgrade-glibc-utils
  • suse-upgrade-glibc-utils-32bit
  • suse-upgrade-glibc-utils-32bit-debuginfo
  • suse-upgrade-glibc-utils-debuginfo
  • suse-upgrade-glibc-utils-src
  • suse-upgrade-glibc-utils-src-debugsource
  • suse-upgrade-nscd
  • suse-upgrade-nscd-debuginfo


  • References
  • SUSE-SU-2021:0653-1
  • CVE-2020-27618




  •  

    Copyright © 2020 Cyber Details - Vulnerability Database™

    Thanks for everything Templateism - You should have written the code a little more complicated