Description
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.
Solution(s)
suse-upgrade-glibcsuse-upgrade-glibc-32bitsuse-upgrade-glibc-32bit-debuginfosuse-upgrade-glibc-debuginfosuse-upgrade-glibc-debugsourcesuse-upgrade-glibc-develsuse-upgrade-glibc-devel-32bitsuse-upgrade-glibc-devel-32bit-debuginfosuse-upgrade-glibc-devel-debuginfosuse-upgrade-glibc-devel-staticsuse-upgrade-glibc-devel-static-32bitsuse-upgrade-glibc-extrasuse-upgrade-glibc-extra-debuginfosuse-upgrade-glibc-htmlsuse-upgrade-glibc-i18ndatasuse-upgrade-glibc-infosuse-upgrade-glibc-localesuse-upgrade-glibc-locale-basesuse-upgrade-glibc-locale-base-32bitsuse-upgrade-glibc-locale-base-32bit-debuginfosuse-upgrade-glibc-locale-base-debuginfosuse-upgrade-glibc-profilesuse-upgrade-glibc-profile-32bitsuse-upgrade-glibc-testsuite-srcsuse-upgrade-glibc-utilssuse-upgrade-glibc-utils-32bitsuse-upgrade-glibc-utils-32bit-debuginfosuse-upgrade-glibc-utils-debuginfosuse-upgrade-glibc-utils-srcsuse-upgrade-glibc-utils-src-debugsourcesuse-upgrade-nscdsuse-upgrade-nscd-debuginfo
ReferencesSUSE-SU-2021:0653-1CVE-2020-27618