CVE-2020-6096

Description

An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
eglibc	25.10 questing	Not in release
	25.04 plucky	Not in release
	24.10 oracular	Not in release
	24.04 LTS noble	Not in release
	23.10 mantic	Not in release
	23.04 lunar	Not in release
	22.10 kinetic	Not in release
	22.04 LTS jammy	Not in release
	21.10 impish	Not in release
	21.04 hirsute	Not in release
	20.10 groovy	Not in release
	20.04 LTS focal	Not in release
	19.10 eoan	Not in release
	18.04 LTS bionic	Not in release
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Vulnerable
glibc	25.10 questing	Fixed 2.32-0ubuntu3
	25.04 plucky	Fixed 2.32-0ubuntu3
	24.10 oracular	Fixed 2.32-0ubuntu3
	24.04 LTS noble	Fixed 2.32-0ubuntu3
	23.10 mantic	Fixed 2.32-0ubuntu3
	23.04 lunar	Fixed 2.32-0ubuntu3
	22.10 kinetic	Fixed 2.32-0ubuntu3
	22.04 LTS jammy	Fixed 2.32-0ubuntu3
	21.10 impish	Fixed 2.32-0ubuntu3
	21.04 hirsute	Fixed 2.32-0ubuntu3
	20.10 groovy	Fixed 2.32-0ubuntu3
	20.04 LTS focal	Fixed 2.31-0ubuntu9.7
	19.10 eoan	Ignored end of life
	18.04 LTS bionic	Fixed 2.27-3ubuntu1.5
	16.04 LTS xenial	Fixed 2.23-0ubuntu11.3
	14.04 LTS trusty	Not in release

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
glibc	Upstream: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=eec0f4218cda936a6ab8f543e90b96b196df3fc2 Upstream: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=eca1b233322914d9013f3ee4aabecaadc9245abd Upstream: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=79a4fa341b8a89cb03f84564fd72abaa1a2db394 Upstream: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=beea361050728138b82c57dda0c4810402d342b9 Upstream: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=7b5f02dc2a9278cd068a58a3db3644e24707be49

Package

Patch details

glibc

Severity score breakdown

Parameter	Value
Base score	8.1 · High
Attack vector	Network
Attack complexity	High
Privileges required	None
User interaction	None
Scope	Unchanged
Confidentiality	High
Integrity impact	High
Availability impact	High
Vector	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Cvss 3 Severity Score

Description

Status

Patch details

Severity score breakdown

References

Related Ubuntu Security Notices (USN)

Other references