Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2019-6488

The string component in the GNU C Library (aka glibc or libc6) through 2.28, when running on the x32 architecture, incorrectly attempts to use a 64-bit register for size_t in assembly codes, which can lead to a segmentation fault or possibly unspecified other impact, as demonstrated by a crash in __memmove_avx_unaligned_erms in sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S during a memcpy.

Related bugs and status

CVE-2019-6488 (Candidate) is related to these bugs:

Bug #420609: wrong LC_TIME in Italian

		In	Importance	Status
420609	wrong LC_TIME in Italian	glibc (Ubuntu)	Undecided	Invalid
420609	wrong LC_TIME in Italian	GLibC	Medium	Fix Released
420609	wrong LC_TIME in Italian	eglibc (Ubuntu)	Low	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://sourceware.org...
BID: 106671
GENTOO: GLSA-202006-04