QSearchQSearch

CVE-2021-3326

7.5 HIGH

The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP...

Published: 2021-01-27 · Last updated: 2026-06-17

Severity and scoring

CVSS
7.5 HIGH
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE
CWE-617

Affected products

VendorProduct
debiancommunications_cloud_native_core_security_edge_protection_proxy, debian_linux, e-series_santricity_os_controller
fujitsucommunications_cloud_native_core_security_edge_protection_proxy, debian_linux, e-series_santricity_os_controller
gnucommunications_cloud_native_core_security_edge_protection_proxy, debian_linux, e-series_santricity_os_controller
netappcommunications_cloud_native_core_security_edge_protection_proxy, debian_linux, e-series_santricity_os_controller
oraclecommunications_cloud_native_core_security_edge_protection_proxy, debian_linux, e-series_santricity_os_controller

Description

The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.

Source: NVD

References

Related CVEs

Same vendor

  • CVE-2026-35273 Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Updates Environment Management) (9.8 CRITICAL)
  • CVE-2026-49975 Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's mod_http leads to denial of service via malicious HTTP ... (7.5 HIGH)
  • CVE-2026-46843 Vulnerability in Oracle REST Data Services (component: Core) (5.3 MEDIUM)
  • CVE-2026-46842 Vulnerability in Oracle REST Data Services (component: Core) (5.3 MEDIUM)
  • CVE-2026-46841 Vulnerability in Oracle REST Data Services (component: General) (5.3 MEDIUM)

Same CWE

  • CVE-2026-52718 A denial of service vulnerability was found in GStreamer's AV1 codec parser in gst-plugins-bad (6.5 MEDIUM)
  • CVE-2026-29116 A vulnerability has been found in some Dahua products could allow an unauthenticated remote attacker to send a specially crafted packet, ...
  • CVE-2026-29115 A vulnerability has been found in some Dahua products could allow an authenticated remote attacker to send a specially crafted packet, tr...
  • CVE-2026-46543 Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm (5.3 MEDIUM)
  • CVE-2026-46542 Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm (4.3 MEDIUM)