CVE-2026-5928: CWE-127 Buffer under-read in The GNU C Library glibc
CVE-2026-5928 is a buffer under-read vulnerability in the GNU C Library (glibc) versions 2. 43 and earlier. It occurs when the ungetwc function is called on a FILE stream with wide characters encoded in a character set that overlaps between single-byte and multi-byte encodings. This causes ungetwc to read before the allocated buffer, potentially disclosing adjacent heap data or causing a program crash. The issue arises from a bug in the wide character pushback implementation where ungetwc operates on the wrong buffer pointer. This vulnerability requires a specific character encoding scenario not present in standard Unicode sets.
AI Analysis
Technical Summary
This vulnerability in glibc affects the ungetwc function used for wide character streams. Due to a bug in the _IO_wdefault_pbackfail function, ungetwc incorrectly uses the regular character buffer pointer instead of the wide-stream read pointer, leading to a buffer under-read. This under-read can disclose adjacent heap memory or cause crashes when the read pointer is uninitialized. The flaw manifests only when the input character encoding has overlapping single-byte and multi-byte character representations, which is not the case for standard Unicode encodings. Affected versions include glibc 2.43 and earlier.
Potential Impact
Exploitation of this vulnerability may lead to unintentional disclosure of neighboring heap data or cause a program crash. The impact depends on the character encoding used and the specific application context. There are no known exploits in the wild. The vulnerability does not affect standard Unicode character sets, limiting its practical impact.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. No official fix or patch information is currently available. Users should monitor the GNU C Library project for updates addressing this issue. Until a fix is released, avoid using ungetwc with character encodings that have overlapping single-byte and multi-byte representations if possible.
CVE-2026-5928: CWE-127 Buffer under-read in The GNU C Library glibc
Description
CVE-2026-5928 is a buffer under-read vulnerability in the GNU C Library (glibc) versions 2. 43 and earlier. It occurs when the ungetwc function is called on a FILE stream with wide characters encoded in a character set that overlaps between single-byte and multi-byte encodings. This causes ungetwc to read before the allocated buffer, potentially disclosing adjacent heap data or causing a program crash. The issue arises from a bug in the wide character pushback implementation where ungetwc operates on the wrong buffer pointer. This vulnerability requires a specific character encoding scenario not present in standard Unicode sets.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability in glibc affects the ungetwc function used for wide character streams. Due to a bug in the _IO_wdefault_pbackfail function, ungetwc incorrectly uses the regular character buffer pointer instead of the wide-stream read pointer, leading to a buffer under-read. This under-read can disclose adjacent heap memory or cause crashes when the read pointer is uninitialized. The flaw manifests only when the input character encoding has overlapping single-byte and multi-byte character representations, which is not the case for standard Unicode encodings. Affected versions include glibc 2.43 and earlier.
Potential Impact
Exploitation of this vulnerability may lead to unintentional disclosure of neighboring heap data or cause a program crash. The impact depends on the character encoding used and the specific application context. There are no known exploits in the wild. The vulnerability does not affect standard Unicode character sets, limiting its practical impact.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. No official fix or patch information is currently available. Users should monitor the GNU C Library project for updates addressing this issue. Until a fix is released, avoid using ungetwc with character encodings that have overlapping single-byte and multi-byte representations if possible.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- glibc
- Date Reserved
- 2026-04-08T22:47:29.814Z
- Cvss Version
- null
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69e6942119fe3cd2cd32c4c8
Added to database: 4/20/2026, 9:01:21 PM
Last enriched: 4/20/2026, 9:16:19 PM
Last updated: 4/20/2026, 10:02:13 PM
Views: 4
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.