{"schema_version":"1.7.2","id":"OESA-2026-2031","modified":"2026-04-25T05:48:42Z","published":"2026-04-25T05:48:42Z","upstream":["CVE-2026-4046"],"summary":"glibc security update","details":"The GNU C Library project provides the core libraries for the GNU system and GNU/Linux systems, as well as many other systems that use Linux as the kernel. These libraries provide critical APIs including ISO C11, POSIX.1-2008, BSD, OS-specific APIs and more. These APIs include such foundational facilities as open, read, write, malloc, printf, getaddrinfo, dlopen, pthread_create, crypt,  login, exit and more.\r\n\r\nSecurity Fix(es):\n\nThe iconv() function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application.\n\n\n\nThis vulnerability can be trivially mitigated by removing the IBM1390 and IBM1399 character sets from systems that do not need them.(CVE-2026-4046)","affected":[{"package":{"ecosystem":"openEuler:24.03-LTS-SP1","name":"glibc","purl":"pkg:rpm/openEuler/glibc&distro=openEuler-24.03-LTS-SP1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.38-101.oe2403sp1"}]}],"ecosystem_specific":{"aarch64":["glibc-2.38-101.oe2403sp1.aarch64.rpm","glibc-all-langpacks-2.38-101.oe2403sp1.aarch64.rpm","glibc-common-2.38-101.oe2403sp1.aarch64.rpm","glibc-debuginfo-2.38-101.oe2403sp1.aarch64.rpm","glibc-debugsource-2.38-101.oe2403sp1.aarch64.rpm","glibc-debugutils-2.38-101.oe2403sp1.aarch64.rpm","glibc-devel-2.38-101.oe2403sp1.aarch64.rpm","glibc-locale-archive-2.38-101.oe2403sp1.aarch64.rpm","glibc-locale-source-2.38-101.oe2403sp1.aarch64.rpm","glibc-nss-devel-2.38-101.oe2403sp1.aarch64.rpm","libnsl-2.38-101.oe2403sp1.aarch64.rpm","nscd-2.38-101.oe2403sp1.aarch64.rpm","nss_modules-2.38-101.oe2403sp1.aarch64.rpm"],"noarch":["glibc-help-2.38-101.oe2403sp1.noarch.rpm"],"src":["glibc-2.38-101.oe2403sp1.src.rpm"],"x86_64":["glibc-2.38-101.oe2403sp1.x86_64.rpm","glibc-all-langpacks-2.38-101.oe2403sp1.x86_64.rpm","glibc-common-2.38-101.oe2403sp1.x86_64.rpm","glibc-debuginfo-2.38-101.oe2403sp1.x86_64.rpm","glibc-debugsource-2.38-101.oe2403sp1.x86_64.rpm","glibc-debugutils-2.38-101.oe2403sp1.x86_64.rpm","glibc-devel-2.38-101.oe2403sp1.x86_64.rpm","glibc-locale-archive-2.38-101.oe2403sp1.x86_64.rpm","glibc-locale-source-2.38-101.oe2403sp1.x86_64.rpm","glibc-nss-devel-2.38-101.oe2403sp1.x86_64.rpm","libnsl-2.38-101.oe2403sp1.x86_64.rpm","nscd-2.38-101.oe2403sp1.x86_64.rpm","nss_modules-2.38-101.oe2403sp1.x86_64.rpm"]}}],"references":[{"type":"ADVISORY","url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2031"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-4046"}],"database_specific":{"severity":"High"}}