First published: Fri Feb 26 2021
GNU C Library (aka glibc or libc6) is vulnerable to a denial of service, caused by an error in the iconv function when processing some invalid inputs from several IBM character sets. By sending invalid multi-byte input sequences in the IBM1364, IBM1371, IBM1388, IBM1390 or IBM1399 encodings, a local authenticated attacker could exploit this vulnerability to cause the application to enter an infinite loop.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
GNU glibc | <=2.32 | |
NetApp ONTAP Select Deploy administration utility | ||
Netapp A250 Firmware | ||
Netapp A250 | ||
Netapp 500f Firmware | ||
Netapp 500f | ||
Netapp H410c Firmware | ||
Netapp H410c | ||
Netapp H300s Firmware | ||
Netapp H300s | ||
Netapp H500s Firmware | ||
Netapp H500s | ||
Netapp H700s Firmware | ||
Netapp H700s | ||
Netapp H300e Firmware | ||
Netapp H300e | ||
Netapp H500e Firmware | ||
Netapp H500e | ||
Netapp H700e Firmware | ||
Netapp H700e | ||
Netapp H410s Firmware | ||
Netapp H410s | ||
Oracle Communications Cloud Native Core Service Communication Proxy | =1.14.0 | |
Debian Debian Linux | =10.0 | |
IBM Security Verify Access | <=10.0.0 | |
debian/glibc | 2.31-13+deb11u11, 2.31-13+deb11u10, 2.36-9+deb12u9, 2.36-9+deb12u7, 2.40-4 | |
CVE-2020-27618 is a vulnerability in the GNU C Library (glibc) that can lead to a denial of service.
IBM Security Verify Access version 10.0.0 is affected by CVE-2020-27618.
Yes, NetApp ONTAP Select Deploy administration utility is affected by CVE-2020-27618.
CVE-2020-27618 has a severity level of medium (5.5).
To fix CVE-2020-27618, update your affected software to a version that includes the necessary patches.