Note:
This project will be discontinued after December 13, 2021. [more]
2018-05-18
An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper.
Products | Ubuntu_linux, Glibc, Data_ontap_edge, Element_software_management, Communications_session_border_controller, Enterprise_communications_broker, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Virtualization_host |
Type | Out-of-bounds Write (CWE-787) |
First patch | - None (likely due to unavailable code) |
Links |
• https://access.redhat.com/errata/RHBA-2019:0327
• https://usn.ubuntu.com/4416-1/ • http://www.securityfocus.com/bid/104256 • https://www.exploit-db.com/exploits/44750/ • https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html |