Synopsis:
glibc security updateSummary:
An update for glibc is now available for openEuler-20.03-LTS-SP4Description:
The GNU C Library project provides the core libraries for the GNU system and GNU/Linux systems, as well as many other systems that use Linux as the kernel. These libraries provide critical APIs including ISO C11, POSIX.1-2008, BSD, OS-specific APIs and more. These APIs include such foundational facilities as open, read, write, malloc, printf, getaddrinfo, dlopen, pthread_create, crypt, login, exit and more.
Security Fix(es):
The iconv() function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application.
This vulnerability can be trivially mitigated by removing the IBM1390 and IBM1399 character sets from systems that do not need them.(CVE-2026-4046)Topic:
An update for glibc is now available for openEuler-20.03-LTS-SP4.
openEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.Severity:
HighAffected Component:
glibc
2.28-123.oe2003sp42.28-123.oe2003sp42.28-123.oe2003sp42.28-123.oe2003sp42.17-2.28-123.oe2003sp42.28-123.oe2003sp42.28-123.oe2003sp42.28-123.oe2003sp42.28-123.oe2003sp42.28-123.oe2003sp4Exploitability
AV:NAC:LPR:NUI:NScope
S:UImpact
C:NI:NA:H7.5/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H