CVE-2020-6096
moderate-risk
Published 2020-04-01
An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.
Do I need to act?
~
1.9% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.1/10
High
NETWORK
/ HIGH complexity
Affected Products (4)
Affected Vendors
References (14)
Third Party Advisory
https://security.gentoo.org/glsa/202101-20
Issue Tracking
https://sourceware.org/bugzilla/show_bug.cgi?id=25620
Third Party Advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019
Third Party Advisory
https://security.gentoo.org/glsa/202101-20
Issue Tracking
https://sourceware.org/bugzilla/show_bug.cgi?id=25620
Third Party Advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019
39
/ 100
moderate-risk
Severity
24/34 · High
Exploitability
5/34 · Minimal
Exposure
10/34 · Low