CVE-2018-11237

Published: May 18, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://sourceware.org/bugzilla/show_bug.cgi?id=23196

x_refsource_MISC

44750

exploit

x_refsource_EXPLOIT-DB

104256

vdb-entry

x_refsource_BID

RHSA-2018:3092

vendor-advisory

x_refsource_REDHAT

https://security.netapp.com/advisory/ntap-20190329-0001/

x_refsource_CONFIRM

https://security.netapp.com/advisory/ntap-20190401-0001/

x_refsource_CONFIRM

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

x_refsource_MISC

RHBA-2019:0327

vendor-advisory

x_refsource_REDHAT

USN-4416-1

vendor-advisory

x_refsource_UBUNTU

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-11237

Description

Affected Products

References