Описание
The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.
A flaw was found in glibc in versions prior to 2.32. Pseudo-zero values are not validated causing a stack corruption due to a stack-based overflow. The highest threat from this vulnerability is to system availability.
Отчет
The glibc version shipped with Red Hat Enterprise Linux 8 is compiled using gcc's stack-protector option which mitigates the possibility of code execution led by the stack corruption. The glibc version shipped with Red Hat Enterprise Linux 7 is more difficult to exploit using this flaw, specifically for remote code execution. Because exploitation of the flaw depends on the usage of pseudo-zero values, an attacker can only overwrite the stack with 0s. Due to this, a valid address value for code execution is difficult to get and is likely to only result in a crash.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | glibc | Out of support scope | ||
| Red Hat Enterprise Linux 6 | glibc | Out of support scope | ||
| Red Hat Enterprise Linux 7 | glibc | Fixed | RHSA-2021:0348 | 02.02.2021 |
| Red Hat Enterprise Linux 7.6 Advanced Update Support(Disable again in 2026 - SPRHEL-7118) | glibc | Fixed | RHSA-2021:3315 | 31.08.2021 |
| Red Hat Enterprise Linux 7.6 Telco Extended Update Support | glibc | Fixed | RHSA-2021:3315 | 31.08.2021 |
| Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions | glibc | Fixed | RHSA-2021:3315 | 31.08.2021 |
| Red Hat Enterprise Linux 7.7 Extended Update Support | glibc | Fixed | RHSA-2021:2998 | 03.08.2021 |
| Red Hat Enterprise Linux 8 | glibc | Fixed | RHSA-2020:4444 | 04.11.2020 |
| Red Hat Enterprise Linux 8 | glibc | Fixed | RHSA-2020:4444 | 04.11.2020 |
| Red Hat OpenShift Do | openshiftdo/odo-init-image-rhel7 | Fixed | RHSA-2021:0949 | 22.03.2021 |
Показывать по
Дополнительная информация
Статус:
EPSS
5.7 Medium
CVSS3
Связанные уязвимости
The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.
The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.
The GNU C Library (aka glibc or libc6) before 2.32 could overflow an o ...
EPSS
5.7 Medium
CVSS3