CVE-2019-6488

Priority
Description
The string component in the GNU C Library (aka glibc or libc6) through
2.28, when running on the x32 architecture, incorrectly attempts to use a
64-bit register for size_t in assembly codes, which can lead to a
segmentation fault or possibly unspecified other impact, as demonstrated by
a crash in __memmove_avx_unaligned_erms in
sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S during a memcpy.
Notes
mdeslauronly affects x32
we will not be fixing this issue in Ubuntu stable releases,
marking as ignored
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):ignored
Ubuntu 14.04 ESM (Trusty Tahr):ignored
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Source: glibc (LP Ubuntu Debian)
Upstream:released (2.29)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored
Ubuntu 18.04 LTS (Bionic Beaver):ignored
Ubuntu 19.10 (Eoan Ermine):not-affected (2.29-0ubuntu2)
Ubuntu 20.04 LTS (Focal Fossa):not-affected (2.29-0ubuntu2)
Ubuntu 20.10 (Groovy Gorilla):not-affected (2.29-0ubuntu2)
More Information

Updated: 2020-06-04 17:16:20 UTC (commit 417525fc0750d4852cc5618d6b47dae5c0a199b7)