CVEs-PoC/2016/CVE-2016-10228.md

### [CVE-2016-10228](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.

### POC

#### Reference
- https://www.oracle.com/security-alerts/cpuapr2022.html

#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Frannc0/test2
- https://github.com/Live-Hack-CVE/CVE-2020-27618
- https://github.com/NeXTLinux/griffon
- https://github.com/VAN-ALLY/Anchore
- https://github.com/anchore/grype
- https://github.com/aymankhder/scanner-for-container
- https://github.com/brandoncamenisch/release-the-code-litecoin
- https://github.com/dispera/giant-squid
- https://github.com/domyrtille/interview_project
- https://github.com/epequeno/devops-demo
- https://github.com/flyrev/security-scan-ci-presentation
- https://github.com/garethr/snykout
- https://github.com/khulnasoft-labs/griffon
- https://github.com/metapull/attackfinder
- https://github.com/nedenwalker/spring-boot-app-using-gradle
- https://github.com/nedenwalker/spring-boot-app-with-log4j-vuln
- https://github.com/onzack/trivy-multiscanner
- https://github.com/step-security-bot/griffon
- https://github.com/vissu99/grype-0.70.0
- https://github.com/yfoelling/yair