The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.
Created glibc tracking bugs for this issue:
Affects: fedora-all [bug 1913056]
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2021:0348 https://access.redhat.com/errata/RHSA-2021:0348
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
This flaw has been rated as having moderate impact for glibc packages shipped with Red Hat Enterprise Linux because, the maximum impact of this vulnerability is a crash, and it relies on processing untrusted input in an uncommon encoding (EUC-KR). When this encoding is not used, the vulnerability can not be triggered.