An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.
Advisories
Source ID Title
Debian DLA Debian DLA DLA-3152-1 glibc security update
EUVD EUVD EUVD-2020-27250 An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.
Ubuntu USN Ubuntu USN USN-4954-1 GNU C Library vulnerabilities
Ubuntu USN Ubuntu USN USN-5310-1 GNU C Library vulnerabilities
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: talos

Published:

Updated: 2024-08-04T08:47:40.958Z

Reserved: 2020-01-07T00:00:00

Link: CVE-2020-6096

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-04-01T22:15:18.503

Modified: 2024-11-21T05:35:05.313

Link: CVE-2020-6096

cve-icon Redhat

Severity : Moderate

Publid Date: 2020-03-02T00:00:00Z

Links: CVE-2020-6096 - Bugzilla

cve-icon OpenCVE Enrichment

No data.