CVE-2020-1751 Vulnerability Details

  /     /     /  

CVE-2020-1751 Metadata Quick Info

CVE Published: 17/04/2020 | CVE Updated: 04/08/2024 | CVE Year: 2020
Source: redhat | Vendor: Red Hat | Product: glibc
Status : PUBLISHED

---

CVE-2020-1751 Description

An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.

Metrics

CVSS Version: 3.1 | Base Score: 5.1 MEDIUM
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

l➤ Exploitability Metrics:
    Attack Vector (AV)* LOCAL
    Attack Complexity (AC)* HIGH
    Privileges Required (PR)* NONE
    User Interaction (UI)* NONE
    Scope (S)* UNCHANGED

l➤ Impact Metrics:
    Confidentiality Impact (C)* NONE
    Integrity Impact (I)* NONE
    Availability Impact (A)* HIGH

Weakness Enumeration (CWE)

CWE-ID: CWE-787
CWE Name: CWE-787
Source: Red Hat

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).