Updated: 2024-11-22 00:23:35.144532
Description:
An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that use the GNU glibc implementation) with a negative value for the 'num' parameter triggers a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability can lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows program execution to continue in scenarios where a segmentation fault or crash should have occurred. The danger is that subsequent execution and further iterations of this code then run on the corrupted data.
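As an added example that is not part of this advisory or of glibc, the following C wrapper shows why a negative length must be rejected before it reaches memcpy(): converted to the size_t parameter it wraps to a huge value, which is the 'num' underflow described above. The function names `checked_copy`, `length_as_seen_by_memcpy` and `run_demo` are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <stdbool.h>

/* Hypothetical bounded-copy wrapper (added example, not glibc code).
 * Copies only when the caller-supplied length is non-negative and fits
 * in the destination; otherwise nothing is copied and false is returned. */
bool checked_copy(void *dst, size_t dst_cap, const void *src, long len)
{
    /* A negative 'len' converted to size_t wraps: (size_t)-1 == SIZE_MAX.
     * Reject it here rather than letting memcpy() see a giant count. */
    if (len < 0)
        return false;
    size_t n = (size_t)len;
    if (n > dst_cap)
        return false;
    memcpy(dst, src, n);
    return true;
}

/* Returns the value memcpy() would receive as its size_t 'num' argument
 * when a length is computed as (end - start) and the bookkeeping has gone
 * negative, i.e. the implicit signed-to-unsigned conversion at the call. */
size_t length_as_seen_by_memcpy(long end, long start)
{
    long len = end - start;   /* may be negative */
    return (size_t)len;       /* wraps to SIZE_MAX - |len| + 1 */
}

/* Small self-check: returns the number of expectations that held (4). */
int run_demo(void)
{
    unsigned char dst[16] = {0};
    unsigned char src[16];
    int ok = 0;
    memset(src, 0xAB, sizeof src);               /* constructed input */
    if (!checked_copy(dst, sizeof dst, src, -1)) ok++;   /* negative: refused */
    if (dst[0] == 0) ok++;                               /* nothing written */
    if (checked_copy(dst, sizeof dst, src, 8)) ok++;     /* in-bounds copy */
    if (dst[7] == 0xAB && dst[8] == 0) ok++;             /* exactly 8 bytes */
    return ok;
}
```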
| Metric | Severity | Score |
|---|---|---|
| CVSS Version 2.x | MEDIUM | 6.8 |
| CVSS Version 3.x | HIGH | 8.1 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| CentOS 6 ELS | glibc | 2.12 | 8.1 | HIGH | Ignored | | 2024-05-07 05:18:54 | |
| CloudLinux 6 ELS | glibc | 2.12 | 8.1 | HIGH | Ignored | | 2024-05-07 05:18:53 | |
| Oracle Linux 6 ELS | glibc | 2.12 | 8.1 | HIGH | Ignored | | 2024-05-07 05:18:53 | |
| Ubuntu 16.04 ELS | glibc | 2.23-0 | 8.1 | HIGH | Not Vulnerable | | 2022-04-28 19:04:55 | |