CVE-2020-29573

Published: Dic 06, 2020 Last Modified: Nov 21, 2024 EU-VD ID: EUVD-2020-21935 Aliases: GSD-2020-29573
ExploitDB:
Other exploit source:
Google Dorks:
HIGH 7,5
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: none
Integrity: none
Availability: high
MEDIUM 5,0
Source: [email protected]
Access Vector: network
Access Complexity: low
Authentication: none
Confidentiality: none
Integrity: none
Availability: partial

Description

AI Translation Available

sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \x00\x04\x00\x00\x00\x00\x00\x00\x00\x04 value to sprintf. NOTE: the issue does not affect glibc by default in 2016 or later (i.e., 2.23 or later) because of commits made in 2015 for inlining of C99 math functions through use of GCC built-ins. In other words, the reference to 2.23 is intentional despite the mention of 'Fixed for glibc 2.33' in the 26649 reference.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0014
Percentile
0,3th
Updated

EPSS Score Trend (Last 90 Days)

787

Out-of-bounds Write

Draft
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Integrity Availability Other
Potential Impacts:
Modify Memory Execute Unauthorized Code Or Commands Dos: Crash, Exit, Or Restart Unexpected State
Applicable Platforms
Languages: Assembly, C, C++, Memory-Unsafe
Technologies: ICS/OT
Likelihood of Exploit: High
View CWE Details
Hardware

Solidfire Baseboard Management Controller by Netapp

Product Information
Vendor Netapp
Product Solidfire Baseboard Management Controller
Version -
cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux
Version 7.0
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Glibc by Gnu

Product Information
Vendor Gnu
Product Glibc
Version Range Affected
To 2.23 (exclusive)
cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:x86:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Cloud Backup by Netapp

Product Information
Vendor Netapp
Product Cloud Backup
Version -
cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://security.gentoo.org/glsa/202101-20
Third Party Advisory
https://security.gentoo.org/glsa/202101-20
https://security.netapp.com/advisory/ntap-20210122-0004/
Third Party Advisory
https://security.netapp.com/advisory/ntap-20210122-0004/
https://sourceware.org/bugzilla/show_bug.cgi?id=26649
Issue Tracking Patch Third Party Advisory
https://sourceware.org/bugzilla/show_bug.cgi?id=26649
https://sourceware.org/pipermail/libc-alpha/2020-September/…
Patch Third Party Advisory
https://sourceware.org/pipermail/libc-alpha/2020-September/117779.html
https://security.gentoo.org/glsa/202101-20
Third Party Advisory
https://security.gentoo.org/glsa/202101-20
https://security.netapp.com/advisory/ntap-20210122-0004/
Third Party Advisory
https://security.netapp.com/advisory/ntap-20210122-0004/
https://sourceware.org/bugzilla/show_bug.cgi?id=26649
Issue Tracking Patch Third Party Advisory
https://sourceware.org/bugzilla/show_bug.cgi?id=26649
https://sourceware.org/pipermail/libc-alpha/2020-September/…
Patch Third Party Advisory
https://sourceware.org/pipermail/libc-alpha/2020-September/117779.html