---

CVE-2020-27618 - log back

CVE-2020-27618 edited at 03 Feb 2021 12:05:51
Severity	- Unknown + Low
Remote	- Unknown + Local
Type	- Unknown + Denial of service
Description	+ A flaw was found in glibc up to version 2.32. If an attacker provides the iconv function with invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, IBM1399 encodings, it fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service. The issue is fixed in glibc version 2.33.
References	+ https://bugzilla.redhat.com/show_bug.cgi?id=1893708 + https://sourceware.org/bugzilla/show_bug.cgi?id=26224 + https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=9a99c682144bdbd40792ebf822fe9264e0376fb5

CVE-2020-27618 created at 03 Feb 2021 12:04:01
Severity	+ Unknown
Remote	+ Unknown
Type	+ Unknown
Description
References
Notes