sprintf in the GNU C Library (glibc) 2.37 has a buffer overflow (out-of-bounds write) in some situations with a correct buffer size. This is unrelated to CWE-676. It may write beyond the bounds of the destination buffer when attempting to write a padded, thousands-separated string representation of a number, if the buffer is allocated the exact size required to represent that number as a string. For example, 1,234,567 (with padding to 13) overflows by two bytes.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2023/02/10/1 | |
https://security.netapp.com/advisory/ntap-20230302-0010/ | |
https://sourceware.org/bugzilla/show_bug.cgi?id=30068 | Exploit Issue Tracking Third Party Advisory |
Configurations
History
02 Mar 2023, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
11 Feb 2023, 01:23
Type | Values Removed | Values Added |
---|---|---|
References |
|
10 Feb 2023, 01:20
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
First Time |
Gnu glibc
Gnu |
|
CWE | CWE-787 | |
CPE | cpe:2.3:a:gnu:glibc:2.37:*:*:*:*:*:*:* | |
References | (MISC) https://sourceware.org/bugzilla/show_bug.cgi?id=30068 - Exploit, Issue Tracking, Third Party Advisory |
03 Feb 2023, 06:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-02-03 06:15
Updated : 2023-12-10 14:48
NVD link : CVE-2023-25139
Mitre link : CVE-2023-25139
CVE.ORG link : CVE-2023-25139
JSON object : View
Products Affected
gnu
- glibc
CWE
CWE-787
Out-of-bounds Write