CVE-2020-29562

See a problem?

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-29562

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-29562.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-29562

Related

Published

2020-12-04T07:15:11Z

Modified

2024-09-11T04:41:08.575826Z

Severity

4.8 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.

References

Affected packages

Debian:11 / glibc

Package

Name: glibc
Purl: pkg:deb/debian/glibc?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.31-7

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / glibc

Package

Name: glibc
Purl: pkg:deb/debian/glibc?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.31-7

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / glibc

Package

Name: glibc
Purl: pkg:deb/debian/glibc?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.31-7

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / sourceware.org/git/glibc.git

Affected ranges

Type: GIT
Repo: https://sourceware.org/git/glibc.git
Events: Introduced

0a8262a1b269f8f1602933248e69dfb041aab7a2

Last affected

3de512be7ea6053255afed6154db9ee31d4e557a

Affected versions

Other

changelog-ends-here

glibc-2.*

glibc-2.30

glibc-2.30.9000

glibc-2.31

glibc-2.31.9000

glibc-2.32