Published: 04/03/2020 Updated: 07/11/2023

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 188

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

The GNU C Library (aka glibc or libc6) prior to 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.

Vulnerable Product	Search on Vulmon	Subscribe to Product
gnu glibc
fedoraproject fedora 30
fedoraproject fedora 31
fedoraproject fedora 32
canonical ubuntu linux 18.04
canonical ubuntu linux 19.10
canonical ubuntu linux 16.04
opensuse leap 15.1
netapp cloud backup -
netapp steelstore cloud integrated storage -
netapp solidfire -
netapp hci management node -
netapp active iq unified manager -
netapp h410c_firmware -
debian debian linux 10.0

Debian Bug report logs - #953108 glibc: CVE-2020-10029 Package: src:glibc; Maintainer for src:glibc is GNU Libc Maintainers <debian-glibc@listsdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 4 Mar 2020 16:45:02 UTC Severity: important Tags: security, upstream Found in versions glibc/2 ...

Synopsis Moderate: glibc security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for glibc is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base s ...

Synopsis Moderate: Release of OpenShift Serverless 1110 Type/Severity Security Advisory: Moderate Topic Release of OpenShift Serverless 1110 Description Red Hat OpenShift Serverless 1110 is a generally available release of theOpenShift Serverless Operator This version of the OpenShif ...

Synopsis Moderate: OpenShift Container Platform 46 compliance-operator security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for compliance-content-container, ose-compliance-openscap-container, ose-compliance-operator-container, and ose-compliance-operator-metadata-container ...

Synopsis Moderate: Release of OpenShift Serverless 1120 Type/Severity Security Advisory: Moderate Topic Release of OpenShift Serverless 1120Red Hat Product Security has rated this update as having a security impactof Moderate A Common Vulnerability Scoring System (CVSS) base score,which gives a detaile ...

Synopsis Moderate: Red Hat Quay v333 bug fix and security update Type/Severity Security Advisory: Moderate Topic Red Hat Quay v333 is now available with bug fixes and security updatesRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring S ...

Synopsis Moderate: Red Hat Advanced Cluster Management 213 security and bug fix update Type/Severity Security Advisory: Moderate Topic Red Hat Advanced Cluster Management for Kubernetes 213 General Availabilityrelease images, which fix several bugs and security issues Red Hat Product Security has rated ...

Synopsis Moderate: Red Hat OpenShift Container Storage 460 security, bug fix, enhancement update Type/Severity Security Advisory: Moderate Topic Updated images are now available for Red Hat OpenShift Container Storage 460 on Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as ha ...

Synopsis Moderate: glibc security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Topic An update for glibc is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System ...

A vulnerability was discovered in glibc where the LD_PREFER_MAP_32BIT_EXEC environment variable is not ignored when running binaries with the setuid flag on x86_64 architectures This allows an attacker to force system to utilize only half of the memory (making the system think the software is 32-bit only), thus lowering the amount of memory being ...

Critical Infrastructure Sectors: Critical Manufacturing

CWE-787 https://sourceware.org/bugzilla/show_bug.cgi?id=25487 http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html https://security.netapp.com/advisory/ntap-20200327-0003/https://security.gentoo.org/glsa/202006-04 https://usn.ubuntu.com/4416-1/https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=9333498794cde1d5cca518badf79533a24114b6f https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953108 https://nvd.nist.gov https://www.cisa.gov/news-events/ics-advisories/icsa-23-348-10 https://alas.aws.amazon.com/ALAS-2021-1511.html

Get Started

CVE-2020-10029

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

ICS Advisories

References

Vulmon Search

About

Products

Connect