First published: Thu Mar 02 2017
GNU C Library (glibc) is vulnerable to a denial of service, caused by an error in the iconv program. When the program processes invalid multi-byte input sequences, a remote attacker could exploit this vulnerability to cause the application to enter an infinite loop.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
GNU glibc | <=2.25 | |
IBM Security Verify Access | <=10.0.0 | |
debian/glibc | 2.31-13+deb11u11, 2.31-13+deb11u10, 2.36-9+deb12u9, 2.36-9+deb12u7, 2.40-4 | |
The CVE ID of this vulnerability is CVE-2016-10228.
The severity of CVE-2016-10228 is medium with a CVSS score of 5.9.
The GNU C Library (glibc) versions 2.31 and earlier, as well as IBM Security Verify Access version 10.0.0, are affected by CVE-2016-10228.
CVE-2016-10228 can lead to a denial of service due to an infinite loop when processing invalid multi-byte input sequences.