oss-sec mailing list archives
CVE-2016-10228: glibc iconv program can hang when invoked with the -c option
From: Florian Weimer <fweimer () redhat com>
Date: Wed, 1 Mar 2017 17:57:23 +0100
The iconv program (not the iconv function) provided by glibc can hang (enter an infinite loop) when invoked with the -c option and an invalid multi-byte sequence is encountered in the input:
https://sourceware.org/bugzilla/show_bug.cgi?id=19519We have received an independent report of this issue, so we are treating this as a (minor) security bug now on the glibc upstream side.
(Note to Red Hat Product Security: We already have a couple of product bugs for this.)
Thanks, Florian
Current thread:
- CVE-2016-10228: glibc iconv program can hang when invoked with the -c option Florian Weimer (Mar 01)