CVE-2020-10029

🗓️ 04 Mar 2020 00:00:00Reported by mitreType

cve🔗 web.nvd.nist.gov📰️ 3 Media mentions👁 460 Views

The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern

Reporter	Title	Published	Views	Family All 213
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Operator package issues	1 Mar 202417:42	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Operator package issues	30 Nov 202318:45	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in GNU C Library ( CVE-2020-10029)	12 Jan 202321:59	–	ibm
IBM Security Bulletins	Security Bulletin: Netcool Operations Insight v1.6.8 addresses multiple security vulnerabilities.	11 Apr 202311:47	–	ibm
IBM Security Bulletins	Security Bulletin: Cloud Pak for Security contains security vulnerabilities	13 May 202121:45	–	ibm
IBM Security Bulletins	Security Bulletin: A GNU C Library vulnerability affects IBM Watson Text to Speech and Speech to Text (IBM Watson Speech Services for Cloud Pak for Data 1.2)	16 Dec 202017:44	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities affect IBM Db2® REST	20 May 202423:34	–	ibm
IBM Security Bulletins	Security Bulletin: Cloud Pak for Security uses packages that are vulnerable to several CVEs	19 Oct 202115:38	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cloud Pak for Network Automation 2.6.4 fixes multiple security vulnerabilities	15 Dec 202314:31	–	ibm
IBM Security Bulletins	Security Bulletin: App Connect Professional is affected by GNU C Library vulnerability.	15 Dec 202105:04	–	ibm

NVD

Node

gnu glibcRange<2.32.0

Node

fedoraproject fedoraMatch30

fedoraproject fedoraMatch31

fedoraproject fedoraMatch32

Node

canonical ubuntu_linuxMatch16.04esm

canonical ubuntu_linuxMatch18.04lts

canonical ubuntu_linuxMatch19.10

Node

opensuse leapMatch15.1

Node

netapp active_iq_unified_managerMatch-vmware_vsphere

netapp cloud_backupMatch-

netapp hci_management_nodeMatch-

netapp solidfireMatch-

netapp steelstore_cloud_integrated_storageMatch-

Node

netapp h410c_firmwareMatch-

AND

netapp h410cMatch-

Node

debian debian_linuxMatch10.0

Source	Link
security	www.security.gentoo.org/glsa/202006-04
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/
security	www.security.netapp.com/advisory/ntap-20200327-0003/
lists	www.lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html
sourceware	www.sourceware.org/bugzilla/show_bug.cgi
lists	www.lists.debian.org/debian-lts-announce/2022/10/msg00021.html
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/
sourceware	www.sourceware.org/git/gitweb.cgi
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/
usn	www.usn.ubuntu.com/4416-1/

21 Nov 2024 04:54Current

6.4Medium risk

Vulners AI Score6.4

CVSS 22.1

CVSS 3.15.5

EPSS0.0005

CWE-787