The iconv program in the GNU C Library (aka glibc or libc6) 2.25 and earlier, when invoked with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10228