CVE-2020-6096

MEDIUM

Description

An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.

References

https://lists.apache.org/thread.html/[email protected]%3Cdev.mina.apache.org%3E

https://lists.fedoraproject.org/archives/list/[email protected]/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/

https://lists.fedoraproject.org/archives/list/[email protected]/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/

https://security.gentoo.org/glsa/202101-20

https://sourceware.org/bugzilla/show_bug.cgi?id=25620

https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019

Details

Source: MITRE

Published: 2020-04-01

Updated: 2021-03-04

Type: CWE-191

Risk Information

CVSS v2.0

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3.0

Base Score: 8.1

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 2.2

Severity: HIGH

Tenable Plugins

View all (9 total)

IDNameProductFamilySeverity
147594EulerOS : glibc (EulerOS-SA-2021-1600)NessusHuawei Local Security Checks
medium
146627Amazon Linux 2 : glibc (ALAS-2021-1605)NessusAmazon Linux Local Security Checks
medium
145333GLSA-202101-20 : glibc: Multiple vulnerabilitiesNessusGentoo Local Security Checks
medium
145196Fedora 32 : glibc (2021-6e581c051a)NessusFedora Local Security Checks
medium
140967EulerOS Virtualization for ARM 64 3.0.6.0 : glibc (EulerOS-SA-2020-2019)NessusHuawei Local Security Checks
medium
140326EulerOS Virtualization for ARM 64 3.0.2.0 : glibc (EulerOS-SA-2020-1956)NessusHuawei Local Security Checks
medium
139952EulerOS 2.0 SP8 : glibc (EulerOS-SA-2020-1849)NessusHuawei Local Security Checks
medium
139259Fedora 31 : glibc (2020-4e92a61688)NessusFedora Local Security Checks
medium
138656Fedora 32 : glibc (2020-d860479b2a)NessusFedora Local Security Checks
medium