AVG-1324 log
| Package | glibc, lib32-glibc |
| Status | Not affected |
| Severity | Medium |
| Type | arbitrary code execution |
| Affected | 2.32-5 |
| Fixed | Not affected |
| Current | 2.39-2 [core] |
| Ticket | None |
| Created | Sun Dec 6 09:21:27 2020 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2020-29573 | Medium | No | Arbitrary code execution | sysdeps/i386/ldbl2mpn.c in glibc before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an... |
| References |
|---|
https://sourceware.org/bugzilla/show_bug.cgi?id=26649 |
| Notes |
|---|
With GCC 10 and glibc 2.32, this behavior is not visible because __builtin_isnan is used, which avoids calling __mpn_extract_long_double in this case. |