#VU26388 Stack-based buffer overflow in Glibc - CVE-2020-10029
Published: March 25, 2020
Vulnerability identifier: #VU26388
Vulnerability risk: High
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2020-10029
CWE-ID: CWE-121
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Glibc
Glibc
Software vendor:
GNU
GNU
Description
The vulnerability allows an attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within "sysdeps/ieee754/ldbl-96/e_rem_pio2l.c" in GNU C Library (aka glibc or libc6). An attacker can pas specially crafted input to the application and trigger a stack-based buffer overflow.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system or denial of service conditions.
Remediation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.