CVE-2020-29562

Published: Dec 4, 2020Modified: Jun 17, 2026

4.8

Vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H

Exploitability: 1.2 / Impact: 3.6

Source: NVD

Description

The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.

Affected (3)

Products: Gnu: Glibc · Fedoraproject: Fedora · Netapp: E Series Santricity Os Controller

1 product

1 product

1 product

E Series Santricity Os Controller

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Gnu Glibc	From 2.30 to 2.32

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Fedoraproject Fedora	Version 32

Configuration C

1 vulnerable

Vulnerable Software	Affected Versions
Netapp E Series Santricity Os Controller	From 11.0.0 to 11.60.3

Related CWEs

CWE-617

Reachable Assertion

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

References (10)

https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E

Source: cve@mitre.org

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/

Source: cve@mitre.org

https://security.gentoo.org/glsa/202101-20

Source: cve@mitre.org

Third Party Advisory

https://security.netapp.com/advisory/ntap-20210122-0004/

Source: cve@mitre.org

Third Party Advisory

https://sourceware.org/bugzilla/show_bug.cgi?id=26923

Source: cve@mitre.org

ExploitIssue TrackingPatchThird Party Advisory

https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E