CVE-2017-18269 - OpenCVE

An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Gnu	Glibc
Linux	Linux Kernel

Configuration 1 [-]

AND

cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/fingolfin/memmove-bug
https://nvd.nist.gov/vuln/detail/CVE-2017-18269
https://security.netapp.com/advisory/ntap-20190329-0001/
https://security.netapp.com/advisory/ntap-20190401-0001/
https://sourceware.org/bugzilla/show_bug.cgi?id=22644
https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=cd66c0e584c6d692bc8347b5e72723d02b8a8ada
https://usn.ubuntu.com/4416-1/
https://www.cve.org/CVERecord?id=CVE-2017-18269

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-05-18T16:00:00

Updated: 2024-08-05T21:13:49.212Z

Reserved: 2018-05-18T00:00:00

Link: CVE-2017-18269

Vulnrichment

No data.

NVD

Status : Modified

Published: 2018-05-18T16:29:00.227

Modified: 2023-11-07T02:41:51.483

Link: CVE-2017-18269

Redhat

Severity : Moderate

Publid Date: 2017-12-24T00:00:00Z

Links: CVE-2017-18269 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2018-05-18T00:00:00", "descriptions": [{"lang": "en", "value": "An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-07-09T19:06:08", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=cd66c0e584c6d692bc8347b5e72723d02b8a8ada"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/fingolfin/memmove-bug"}, {"tags": ["x_refsource_MISC"], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22644"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20190329-0001/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20190401-0001/"}, {"name": "USN-4416-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/4416-1/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-18269", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=cd66c0e584c6d692bc8347b5e72723d02b8a8ada", "refsource": "MISC", "url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=cd66c0e584c6d692bc8347b5e72723d02b8a8ada"}, {"name": "https://github.com/fingolfin/memmove-bug", "refsource": "MISC", "url": "https://github.com/fingolfin/memmove-bug"}, {"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=22644", "refsource": "MISC", "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22644"}, {"name": "https://security.netapp.com/advisory/ntap-20190329-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20190329-0001/"}, {"name": "https://security.netapp.com/advisory/ntap-20190401-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20190401-0001/"}, {"name": "USN-4416-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4416-1/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T21:13:49.212Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=cd66c0e584c6d692bc8347b5e72723d02b8a8ada"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/fingolfin/memmove-bug"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22644"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20190329-0001/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20190401-0001/"}, {"name": "USN-4416-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/4416-1/"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-18269", "datePublished": "2018-05-18T16:00:00", "dateReserved": "2018-05-18T00:00:00", "dateUpdated": "2024-08-05T21:13:49.212Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*", "matchCriteriaId": "4FE48C40-C85D-4EFE-8343-E8F54BE9AC27", "versionEndIncluding": "2.27", "versionStartIncluding": "2.21", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution."}, {"lang": "es", "value": "Una implementaci\u00f3n memmove optimizada para SSE2 para i386 en sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S en GNU C Library (tambi\u00e9n conocida como glibc o libc6), desde la versi\u00f3n 2.21 hasta la 2.27 no realiza correctamente la comprobaci\u00f3n de solapamiento de memoria si el rango de memoria de origen se extiende por el medio del espacio de memoria. Esto resulta en que se produzcan datos corruptos en la operaci\u00f3n de copia. Esto podr\u00eda revelar informaci\u00f3n a atacantes que dependen del contexto o resultar en una denegaci\u00f3n de servicio (DoS) o una posible ejecuci\u00f3n de c\u00f3digo."}], "id": "CVE-2017-18269", "lastModified": "2023-11-07T02:41:51.483", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-05-18T16:29:00.227", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/fingolfin/memmove-bug"}, {"source": "cve@mitre.org", "url": "https://security.netapp.com/advisory/ntap-20190329-0001/"}, {"source": "cve@mitre.org", "url": "https://security.netapp.com/advisory/ntap-20190401-0001/"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking"], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22644"}, {"source": "cve@mitre.org", "url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=cd66c0e584c6d692bc8347b5e72723d02b8a8ada"}, {"source": "cve@mitre.org", "url": "https://usn.ubuntu.com/4416-1/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "glibc: memory corruption in memcpy-sse2-unaligned.S", "id": "1580924", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580924"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.3", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "status": "draft"}, "cwe": "CWE-119", "details": ["An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution."], "name": "CVE-2017-18269", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "compat-glibc", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "glibc", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "compat-glibc", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "glibc", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "compat-glibc", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "glibc", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "glibc", "product_name": "Red Hat Enterprise Linux 8"}], "public_date": "2017-12-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2017-18269\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-18269"], "statement": "This issue did not affect the versions of glibc and compat-glibc as shipped with Red Hat Enterprise Linux 5, 6 and 7 as they did not include the vulnerable code.", "threat_severity": "Moderate", "upstream_fix": "glibc 2.28"}