In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, remote attackers can force iconv() to emit a spurious '\0' character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset. This may affect data integrity in certain iconv() use cases. Reference: https://sourceware.org/bugzilla/show_bug.cgi?id=28524
Created glibc tracking bugs for this issue: Affects: fedora-all [bug 2020653]
See https://sourceware.org/bugzilla/show_bug.cgi?id=28524#c4 for more details on why this is not considered a security issue. I have requested to MITRE to reject this CVE.