Unrated severityNVD Advisory· Published Dec 4, 2020· Updated Jun 9, 2025
CVE-2020-29562
CVE-2020-29562
Description
The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.
Affected products
29- GNU/GNU C Librarydescription
- osv-coords28 versionspkg:rpm/opensuse/glibc&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/glibc&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/glibc-testsuite-src&distro=openSUSE%20Leap%2015.2pkg:rpm/suse/glibc&distro=SUSE%20Enterprise%20Storage%206pkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOSpkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOSpkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSSpkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2pkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP2pkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4%20LTSS%20EXTREME%20COREpkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCLpkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSSpkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCLpkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSSpkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015pkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/glibc&distro=SUSE%20Manager%20Proxy%204.0pkg:rpm/suse/glibc&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.0pkg:rpm/suse/glibc&distro=SUSE%20Manager%20Server%204.0pkg:rpm/suse/glibc&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/glibc&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209
< 2.26-lp152.26.6.1+ 27 more
- (no CPE)range: < 2.26-lp152.26.6.1
- (no CPE)range: < 2.34-1.2
- (no CPE)range: < 2.26-lp152.26.6.1
- (no CPE)range: < 2.26-13.56.1
- (no CPE)range: < 2.26-13.56.1
- (no CPE)range: < 2.26-13.56.1
- (no CPE)range: < 2.26-13.56.1
- (no CPE)range: < 2.26-13.56.1
- (no CPE)range: < 2.26-13.56.1
- (no CPE)range: < 2.26-13.56.1
- (no CPE)range: < 2.11.3-17.110.43.1
- (no CPE)range: < 2.22-126.1
- (no CPE)range: < 2.22-126.1
- (no CPE)range: < 2.22-114.8.3
- (no CPE)range: < 2.22-114.8.3
- (no CPE)range: < 2.26-13.56.1
- (no CPE)range: < 2.26-13.56.1
- (no CPE)range: < 2.26-13.56.1
- (no CPE)range: < 2.22-114.8.3
- (no CPE)range: < 2.22-114.8.3
- (no CPE)range: < 2.26-13.56.1
- (no CPE)range: < 2.26-13.56.1
- (no CPE)range: < 2.22-114.8.3
- (no CPE)range: < 2.26-13.56.1
- (no CPE)range: < 2.26-13.56.1
- (no CPE)range: < 2.26-13.56.1
- (no CPE)range: < 2.22-114.8.3
- (no CPE)range: < 2.22-114.8.3
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/mitrevendor-advisoryx_refsource_FEDORA
- security.gentoo.org/glsa/202101-20mitrevendor-advisoryx_refsource_GENTOO
- lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3Emitremailing-listx_refsource_MLIST
- security.netapp.com/advisory/ntap-20210122-0004/mitrex_refsource_CONFIRM
- sourceware.org/bugzilla/show_bug.cgimitrex_refsource_MISC
News mentions
0No linked articles in our index yet.