sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \x00\x04\x00\x00\x00\x00\x00\x00\x00\x04 value to sprintf. NOTE: the issue does not affect glibc by default in 2016 or later (i.e., 2.23 or later) because of commits made in 2015 for inlining of C99 math functions through use of GCC built-ins. In other words, the reference to 2.23 is intentional despite the mention of "Fixed for glibc 2.33" in the 26649 reference.
References
Link | Resource |
---|---|
https://security.gentoo.org/glsa/202101-20 | Third Party Advisory |
https://security.netapp.com/advisory/ntap-20210122-0004/ | Third Party Advisory |
https://sourceware.org/bugzilla/show_bug.cgi?id=26649 | Issue Tracking Patch Third Party Advisory |
https://sourceware.org/pipermail/libc-alpha/2020-September/117779.html | Patch Third Party Advisory |
Configurations
History
26 Apr 2023, 19:09
Type | Values Removed | Values Added |
---|---|---|
First Time |
Netapp
Netapp cloud Backup Netapp solidfire Baseboard Management Controller |
|
CPE | cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:* |
|
References | (GENTOO) https://security.gentoo.org/glsa/202101-20 - Third Party Advisory | |
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20210122-0004/ - Third Party Advisory |
26 Jan 2021, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2020-12-06 00:15
Updated : 2023-12-10 13:41
NVD link : CVE-2020-29573
Mitre link : CVE-2020-29573
CVE.ORG link : CVE-2020-29573
JSON object : View
Products Affected
netapp
- cloud_backup
- solidfire_baseboard_management_controller
gnu
- glibc
redhat
- enterprise_linux
CWE
CWE-787
Out-of-bounds Write