high advisory March 30, 2026

GNU C Library iconv() Function Assertion Failure (CVE-2026-4046)

A vulnerability in the iconv() function of the GNU C Library (versions 2.43 and earlier) can cause a crash due to an assertion failure when handling IBM1390 or IBM1399 character sets, potentially leading to remote application denial-of-service.

The GNU C Library (glibc) is a fundamental component of many Linux systems, providing core functionalities for applications. A vulnerability, CVE-2026-4046, exists within the iconv() function in glibc versions 2.43 and earlier. This flaw can be triggered when the library attempts to convert character sets from IBM1390 or IBM1399. If an application utilizes iconv() to process potentially malicious input from these character sets, it could lead to an assertion failure and subsequent crash…

Detection coverage 2

Detect Iconv Crash

high

Detects application crashes potentially caused by the iconv() vulnerability when processing IBM1390/IBM1399 character sets based on the presence of crash logs.

sigma tactics: availability techniques: T1499.004 sources: application, linux

Detect Iconv Usage of IBM1390 or IBM1399

low

Detects applications using the iconv() function to convert from IBM1390 or IBM1399 character sets.

sigma tactics: discovery techniques: T1068 sources: application, linux

Detection queries are kept inside the platform. Get full rules →