CVE-2026-38639
Severity CVSS v4.0:
Pending analysis
Type:
CWE-20
Input Validation
Publication date:
26/06/2026
Last modified:
29/06/2026
Description
An issue in the parse_month function (/time/strptime.rs) of relibc commit ab6a2e allows attackers to cause a Denial of Service (DoS) via parsing a crafted input.
Impact
Base Score 3.x
7.50
Severity 3.x
HIGH
References to Advisories, Solutions, and Tools
- https://github.com/Marsman1996/pocs/tree/master/redox/CVE-2026-38639
- https://gitlab.redox-os.org/redox-os/relibc/-/issues/265
- https://gitlab.redox-os.org/redox-os/relibc/-/merge_requests/990
- https://gitlab.redox-os.org/redox-os/relibc/-/work_items/265
- https://gitlab.redox-os.org/redox-os/relibc/-/work_items/265



