wid-sec-w-2026-0918
·
Published 2026-03-30
·
View on BSI CERT-Bund ↗
GNU libc: Vulnerability allows Denial of Service
CVSS 7.5
HIGH
Risk Summary
The iconv() function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application. This vulnerability can be trivially mitigated by removing the IBM1390 and IBM1399 character sets from systems that do not need them.
CVEs (1)
Affected Vendors
Open Source
Affected Products (2)
Open Source
·
GNU libc
<=2.43
Open Source
·
GNU libc
<=2.43
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more