CVE-2020-1751 MEDIUM

CVE-2020-1751

Vendor Red Hat
Product glibc
Weakness CWE-787
Published April 17, 2020
Last update August 4, 2024

CVSS base score

5.1/10
Attack vector Local
Attack complexity High
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.

Key dates

02Disclosure timeline

April 17, 2020 CVE published
August 4, 2024 Record updated