CVE-2016-10228
Published: 02 March 2017
The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.
Priority
CVSS 3 base score: 5.9
Status
Package | Release | Status |
---|---|---|
eglibc Launchpad, Ubuntu, Debian |
Upstream |
Needed
|
Ubuntu 20.10 (Groovy Gorilla) |
Does not exist
|
|
Ubuntu 20.04 LTS (Focal Fossa) |
Does not exist
|
|
Ubuntu 18.04 LTS (Bionic Beaver) |
Does not exist
|
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Needed
|
|
glibc Launchpad, Ubuntu, Debian |
Upstream |
Needed
|
Ubuntu 20.10 (Groovy Gorilla) |
Needed
|
|
Ubuntu 20.04 LTS (Focal Fossa) |
Needed
|
|
Ubuntu 18.04 LTS (Bionic Beaver) |
Needed
|
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Needed
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
Patches: Upstream: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=91927b7c76437db860cd86a7714476b56bb39d07 |