CVE-2020-1751

Priority
Description
An out-of-bounds write vulnerability was found in glibc before 2.31 when
handling signal trampolines on PowerPC. Specifically, the backtrace
function did not properly check the array bounds when storing the frame
address, resulting in a denial of service or potential code execution. The
highest threat from this vulnerability is to system availability.
Notes
leosilva-esm releases only supports amd64 arch
mdeslaurintroduced in https://sourceware.org/git/?p=glibc.git;a=commit;h=d400dcac5e
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):not-affected
Ubuntu 14.04 ESM (Trusty Tahr):ignored (out of support)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Source: glibc (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (2.23-0ubuntu11.2)
Ubuntu 18.04 LTS (Bionic Beaver):released (2.27-3ubuntu1.2)
Ubuntu 20.04 LTS (Focal Fossa):not-affected (2.31-0ubuntu9)
Ubuntu 20.10 (Groovy Gorilla):not-affected (2.31-0ubuntu9)
Patches:
Upstream:https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=d93769405996dfc11d216ddbe415946617b5a494
More Information

Updated: 2020-07-28 20:08:17 UTC (commit d26b6ca9f5b3adb89bb036ce73ae7dab894935ec)