CVE-2021-3326

Updated: 2024-11-22 05:31:23.011561

Description:

The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x MEDIUM 5
CVSS Version 3.x HIGH 7.5

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

CentOS 6 ELS glibc 2.12 7.5 HIGH Released CLSA-2021:1637583639 2022-05-05 12:02:17
CentOS 7 ELS glibc 2.17 7.5 HIGH Not Vulnerable 2023-09-19 09:30:31
CentOS 8.4 ELS glibc 2.28 7.5 HIGH Already Fixed 2023-10-30 11:22:51
CentOS 8.5 ELS glibc 2.28 7.5 HIGH Already Fixed 2023-10-30 11:22:24
CloudLinux 6 ELS glibc 2.12 7.5 HIGH Released 2022-04-19 21:49:47
Oracle Linux 6 ELS glibc 2.12 7.5 HIGH Released CLSA-2021:1636389447 2022-04-19 21:49:47
Ubuntu 16.04 ELS glibc 2.23-0 7.5 HIGH Released CLSA-2021:1636389414 2022-04-19 21:49:47
Ubuntu 18.04 ELS glibc 2.27-3 7.5 HIGH Already Fixed 2023-06-02 09:09:55