CVE-2019-6488

The string component in the GNU C Library (aka glibc or libc6) through 2.28, when running on the x32 architecture, incorrectly attempts to use a 64-bit register for size_t in assembly codes, which can lead to a segmentation fault or possibly unspecified other impact, as demonstrated by a crash in __memmove_avx_unaligned_erms in sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S during a memcpy.

Published : 2019-01-18 19:29 Updated : 2019-02-05 17:30

4.6
CVSS Score More info
Score 4.6 / 10
4.6
Vendor Product Version URI
Gnu Glibc 2.28 cpe:/a:gnu:glibc:2.28
  1. Gnu (1) Search CVE
    1. Glibc (1) Search CVE
      1. 2.28

CWE

ID Name Description Links
CWE-404 Improper Resource Shutdown or Release The program does not release or incorrectly releases a resource before it is made available for re-use. CVE

History of changes

Date Event
2019-02-05 17:30
2019-01-23 11:29
2019-01-18 19:29

New CVE