CVE-2026-6042: musl libc GB18030 4-byte Decoder iconv.c iconv algorithmic complexity
Published Apr 10, 2026
·Updated
A security flaw has been discovered in musl libc up to 1.2.6. Affected is the function iconv of the file src/locale/iconv.c of the component GB18030 4-byte Decoder. Performing a manipulation results in inefficient algorithmic complexity. The attack must be initiated from a local position. To fix this issue, it is recommended to deploy a patch.
Affected Software
1 affected component
musl musl libc<=1.2.6
Event History
Apr 10, 2026
CVE Published
via MITRE·09:00 AM
Data Sourced
via MITRE·09:00 AM
DescriptionSeverityWeakness
Data Sourced
via NVD·09:16 AM
DescriptionSeverityWeakness
Frequently Asked Questions
1
What is the severity of CVE-2026-6042?
The severity of CVE-2026-6042 is medium with a CVSS score of 4.8.
2
How do I fix CVE-2026-6042?
To fix CVE-2026-6042, update musl libc to version 1.2.7 or later.
3
What component is affected by CVE-2026-6042?
CVE-2026-6042 affects the GB18030 4-byte Decoder in the iconv function of musl libc.
4
What type of vulnerability is CVE-2026-6042?
CVE-2026-6042 is a security flaw characterized by inefficient algorithmic complexity.
5
What attack vector is associated with CVE-2026-6042?
CVE-2026-6042 requires local access to initiate an attack.