CVE-2020-6096

HIGH

GNU glibc 2.30.9000 - Memory Corruption

Title source: llm
STIX 2.1

Description

An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.

References (7)

Core 7
Core References
Third Party Advisory vendor-advisory
https://security.gentoo.org/glsa/202101-20
Mailing List, Third Party Advisory mailing-list
https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html
Issue Tracking, Third Party Advisory
https://sourceware.org/bugzilla/show_bug.cgi?id=25620

Scores

CVSS v3 8.1
EPSS 0.0522
EPSS Percentile 91.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-681 CWE-195 CWE-191
Status published
Products (4)
debian/debian_linux 10.0
fedoraproject/fedora 31
fedoraproject/fedora 32
gnu/glibc < 2.31
Published Apr 01, 2020
Tracked Since Feb 18, 2026