Bug 1905217 (CVE-2020-29562)
| Summary: | CVE-2020-29562 glibc: assertion failure in iconv when converting invalid UCS4 | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Guilherme de Almeida Suckevicz <gsuckevi> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED NOTABUG | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | arjun.is, ashankar, codonell, dj, fweimer, glibc-bugzilla, mfabian, mnewsome, pfrankli, sipoyare, yozone |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | glibc 2.33 | Doc Type: | If docs needed, set a value |
| Doc Text: |
A denial of service flaw was found in the way glibc's iconv function handled UCS4 text containing an irreversible character. This flaw causes an application compiled with glibc and using the vulnerable function to terminate with an assertion, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2021-05-27 17:32:00 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1905218, 1912204, 1912205, 1912206 | ||
| Bug Blocks: | 1905219 | ||
|
Description
Guilherme de Almeida Suckevicz
2020-12-07 18:34:55 UTC
Created glibc tracking bugs for this issue: Affects: fedora-all [bug 1905218] No services using 2.30-2.32 This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-29562 |