UBUNTU-CVE-2020-29573
- Source
- https://ubuntu.com/security/CVE-2020-29573
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2020/UBUNTU-CVE-2020-29573.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2020-29573
- Related
- Published
- 2020-12-06T00:15:00Z
- Modified
- 2025-04-10T13:17:31Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \x00\x04\x00\x00\x00\x00\x00\x00\x00\x04 value to sprintf. NOTE: the issue does not affect glibc by default in 2016 or later (i.e., 2.23 or later) because of commits made in 2015 for inlining of C99 math functions through use of GCC built-ins. In other words, the reference to 2.23 is intentional despite the mention of "Fixed for glibc 2.33" in the 26649 reference.
- References
Affected packages
Ubuntu:Pro:14.04:LTS / eglibc
Package
- Name
- eglibc
- Purl
- pkg:deb/ubuntu/eglibc@2.19-0ubuntu6.15+esm4?arch=source&distro=esm-infra-legacy/trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2.*
2.17-93ubuntu4
2.18-0ubuntu1
2.18-0ubuntu2
2.18-0ubuntu4
2.18-0ubuntu5
2.18-0ubuntu6
2.18-0ubuntu7
2.19-0ubuntu2
2.19-0ubuntu3
2.19-0ubuntu4
2.19-0ubuntu5
2.19-0ubuntu6
2.19-0ubuntu6.1
2.19-0ubuntu6.3
2.19-0ubuntu6.4
2.19-0ubuntu6.5
2.19-0ubuntu6.6
2.19-0ubuntu6.7
2.19-0ubuntu6.8
2.19-0ubuntu6.9
2.19-0ubuntu6.10
2.19-0ubuntu6.11
2.19-0ubuntu6.13
2.19-0ubuntu6.14
2.19-0ubuntu6.15
2.19-0ubuntu6.15+esm1
2.19-0ubuntu6.15+esm2
2.19-0ubuntu6.15+esm3
2.19-0ubuntu6.15+esm4
Ubuntu:16.04:LTS / glibc
Package
- Name
- glibc
- Purl
- pkg:deb/ubuntu/glibc@2.23-0ubuntu11.2?arch=source&distro=xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.23-0ubuntu11.2
Affected versions
2.*
2.21-0ubuntu4
2.21-0ubuntu5
2.21-0ubuntu6
2.23-0ubuntu1
2.23-0ubuntu2
2.23-0ubuntu3
2.23-0ubuntu4
2.23-0ubuntu5
2.23-0ubuntu6
2.23-0ubuntu7
2.23-0ubuntu9
2.23-0ubuntu10
2.23-0ubuntu11
Ecosystem specific
{
"ubuntu_priority": "low",
"availability": "No subscription required",
"binaries": [
{
"binary_name": "glibc-doc",
"binary_version": "2.23-0ubuntu11.2"
},
{
"binary_name": "glibc-source",
"binary_version": "2.23-0ubuntu11.2"
},
{
"binary_name": "libc-bin",
"binary_version": "2.23-0ubuntu11.2"
},
{
"binary_name": "libc-bin-dbgsym",
"binary_version": "2.23-0ubuntu11.2"
},
{
"binary_name": "libc-dev-bin",
"binary_version": "2.23-0ubuntu11.2"
},
{
"binary_name": "libc-dev-bin-dbgsym",
"binary_version": "2.23-0ubuntu11.2"
},
{
"binary_name": "libc6",
"binary_version": "2.23-0ubuntu11.2"
},
{
"binary_name": "libc6-amd64",
"binary_version": "2.23-0ubuntu11.2"
},
{
"binary_name": "libc6-amd64-dbgsym",
"binary_version": "2.23-0ubuntu11.2"
},
{
"binary_name": "libc6-armel",
"binary_version": "2.23-0ubuntu11.2"
},
{
"binary_name": "libc6-armel-dbgsym",
"binary_version": "2.23-0ubuntu11.2"
},
{
"binary_name": "libc6-dbg",
"binary_version": "2.23-0ubuntu11.2"
},
{
"binary_name": "libc6-dbgsym",
"binary_version": "2.23-0ubuntu11.2"
},
{
"binary_name": "libc6-dev",
"binary_version": "2.23-0ubuntu11.2"
},
{
"binary_name": "libc6-dev-amd64",
"binary_version": "2.23-0ubuntu11.2"
},
{
"binary_name": "libc6-dev-armel",
"binary_version": "2.23-0ubuntu11.2"
},
{
"binary_name": "libc6-dev-i386",
"binary_version": "2.23-0ubuntu11.2"
},
{
"binary_name": "libc6-dev-ppc64",
"binary_version": "2.23-0ubuntu11.2"
},
{
"binary_name": "libc6-dev-s390",
"binary_version": "2.23-0ubuntu11.2"
},
{
"binary_name": "libc6-dev-x32",
"binary_version": "2.23-0ubuntu11.2"
},
{
"binary_name": "libc6-i386",
"binary_version": "2.23-0ubuntu11.2"
},
{
"binary_name": "libc6-i386-dbgsym",
"binary_version": "2.23-0ubuntu11.2"
},
{
"binary_name": "libc6-pic",
"binary_version": "2.23-0ubuntu11.2"
},
{
"binary_name": "libc6-ppc64",
"binary_version": "2.23-0ubuntu11.2"
},
{
"binary_name": "libc6-ppc64-dbgsym",
"binary_version": "2.23-0ubuntu11.2"
},
{
"binary_name": "libc6-s390",
"binary_version": "2.23-0ubuntu11.2"
},
{
"binary_name": "libc6-s390-dbgsym",
"binary_version": "2.23-0ubuntu11.2"
},
{
"binary_name": "libc6-udeb",
"binary_version": "2.23-0ubuntu11.2"
},
{
"binary_name": "libc6-udeb-dbgsym",
"binary_version": "2.23-0ubuntu11.2"
},
{
"binary_name": "libc6-x32",
"binary_version": "2.23-0ubuntu11.2"
},
{
"binary_name": "libc6-x32-dbgsym",
"binary_version": "2.23-0ubuntu11.2"
},
{
"binary_name": "locales",
"binary_version": "2.23-0ubuntu11.2"
},
{
"binary_name": "locales-all",
"binary_version": "2.23-0ubuntu11.2"
},
{
"binary_name": "multiarch-support",
"binary_version": "2.23-0ubuntu11.2"
},
{
"binary_name": "nscd",
"binary_version": "2.23-0ubuntu11.2"
},
{
"binary_name": "nscd-dbgsym",
"binary_version": "2.23-0ubuntu11.2"
}
]
}
Ubuntu:18.04:LTS / glibc
Package
- Name
- glibc
- Purl
- pkg:deb/ubuntu/glibc@2.27-3ubuntu1.4?arch=source&distro=bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.27-3ubuntu1.4
Affected versions
2.*
2.26-0ubuntu2
2.26-0ubuntu2.1
2.27-0ubuntu2
2.27-0ubuntu3
2.27-3ubuntu1
2.27-3ubuntu1.2
2.27-3ubuntu1.3
Ecosystem specific
{
"ubuntu_priority": "low",
"availability": "No subscription required",
"binaries": [
{
"binary_name": "glibc-doc",
"binary_version": "2.27-3ubuntu1.4"
},
{
"binary_name": "glibc-source",
"binary_version": "2.27-3ubuntu1.4"
},
{
"binary_name": "libc-bin",
"binary_version": "2.27-3ubuntu1.4"
},
{
"binary_name": "libc-bin-dbgsym",
"binary_version": "2.27-3ubuntu1.4"
},
{
"binary_name": "libc-dev-bin",
"binary_version": "2.27-3ubuntu1.4"
},
{
"binary_name": "libc-dev-bin-dbgsym",
"binary_version": "2.27-3ubuntu1.4"
},
{
"binary_name": "libc6",
"binary_version": "2.27-3ubuntu1.4"
},
{
"binary_name": "libc6-amd64",
"binary_version": "2.27-3ubuntu1.4"
},
{
"binary_name": "libc6-amd64-dbgsym",
"binary_version": "2.27-3ubuntu1.4"
},
{
"binary_name": "libc6-armel",
"binary_version": "2.27-3ubuntu1.4"
},
{
"binary_name": "libc6-armel-dbgsym",
"binary_version": "2.27-3ubuntu1.4"
},
{
"binary_name": "libc6-dbg",
"binary_version": "2.27-3ubuntu1.4"
},
{
"binary_name": "libc6-dev",
"binary_version": "2.27-3ubuntu1.4"
},
{
"binary_name": "libc6-dev-amd64",
"binary_version": "2.27-3ubuntu1.4"
},
{
"binary_name": "libc6-dev-armel",
"binary_version": "2.27-3ubuntu1.4"
},
{
"binary_name": "libc6-dev-i386",
"binary_version": "2.27-3ubuntu1.4"
},
{
"binary_name": "libc6-dev-s390",
"binary_version": "2.27-3ubuntu1.4"
},
{
"binary_name": "libc6-dev-x32",
"binary_version": "2.27-3ubuntu1.4"
},
{
"binary_name": "libc6-i386",
"binary_version": "2.27-3ubuntu1.4"
},
{
"binary_name": "libc6-i386-dbgsym",
"binary_version": "2.27-3ubuntu1.4"
},
{
"binary_name": "libc6-lse",
"binary_version": "2.27-3ubuntu1.4"
},
{
"binary_name": "libc6-pic",
"binary_version": "2.27-3ubuntu1.4"
},
{
"binary_name": "libc6-s390",
"binary_version": "2.27-3ubuntu1.4"
},
{
"binary_name": "libc6-s390-dbgsym",
"binary_version": "2.27-3ubuntu1.4"
},
{
"binary_name": "libc6-udeb",
"binary_version": "2.27-3ubuntu1.4"
},
{
"binary_name": "libc6-x32",
"binary_version": "2.27-3ubuntu1.4"
},
{
"binary_name": "libc6-x32-dbgsym",
"binary_version": "2.27-3ubuntu1.4"
},
{
"binary_name": "locales",
"binary_version": "2.27-3ubuntu1.4"
},
{
"binary_name": "locales-all",
"binary_version": "2.27-3ubuntu1.4"
},
{
"binary_name": "multiarch-support",
"binary_version": "2.27-3ubuntu1.4"
},
{
"binary_name": "nscd",
"binary_version": "2.27-3ubuntu1.4"
},
{
"binary_name": "nscd-dbgsym",
"binary_version": "2.27-3ubuntu1.4"
}
]
}
Ubuntu:20.04:LTS / glibc
Package
- Name
- glibc
- Purl
- pkg:deb/ubuntu/glibc@2.31-0ubuntu9.1?arch=source&distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.31-0ubuntu9.1
Affected versions
2.*
2.30-0ubuntu2
2.30-0ubuntu3
2.31-0ubuntu5
2.31-0ubuntu6
2.31-0ubuntu7
2.31-0ubuntu9
Ecosystem specific
{
"ubuntu_priority": "low",
"availability": "No subscription required",
"binaries": [
{
"binary_name": "glibc-doc",
"binary_version": "2.31-0ubuntu9.1"
},
{
"binary_name": "glibc-source",
"binary_version": "2.31-0ubuntu9.1"
},
{
"binary_name": "libc-bin",
"binary_version": "2.31-0ubuntu9.1"
},
{
"binary_name": "libc-bin-dbgsym",
"binary_version": "2.31-0ubuntu9.1"
},
{
"binary_name": "libc-dev-bin",
"binary_version": "2.31-0ubuntu9.1"
},
{
"binary_name": "libc-dev-bin-dbgsym",
"binary_version": "2.31-0ubuntu9.1"
},
{
"binary_name": "libc6",
"binary_version": "2.31-0ubuntu9.1"
},
{
"binary_name": "libc6-amd64",
"binary_version": "2.31-0ubuntu9.1"
},
{
"binary_name": "libc6-amd64-dbgsym",
"binary_version": "2.31-0ubuntu9.1"
},
{
"binary_name": "libc6-armel",
"binary_version": "2.31-0ubuntu9.1"
},
{
"binary_name": "libc6-armel-dbgsym",
"binary_version": "2.31-0ubuntu9.1"
},
{
"binary_name": "libc6-dbg",
"binary_version": "2.31-0ubuntu9.1"
},
{
"binary_name": "libc6-dev",
"binary_version": "2.31-0ubuntu9.1"
},
{
"binary_name": "libc6-dev-amd64",
"binary_version": "2.31-0ubuntu9.1"
},
{
"binary_name": "libc6-dev-armel",
"binary_version": "2.31-0ubuntu9.1"
},
{
"binary_name": "libc6-dev-i386",
"binary_version": "2.31-0ubuntu9.1"
},
{
"binary_name": "libc6-dev-s390",
"binary_version": "2.31-0ubuntu9.1"
},
{
"binary_name": "libc6-dev-x32",
"binary_version": "2.31-0ubuntu9.1"
},
{
"binary_name": "libc6-i386",
"binary_version": "2.31-0ubuntu9.1"
},
{
"binary_name": "libc6-i386-dbgsym",
"binary_version": "2.31-0ubuntu9.1"
},
{
"binary_name": "libc6-lse",
"binary_version": "2.31-0ubuntu9.1"
},
{
"binary_name": "libc6-pic",
"binary_version": "2.31-0ubuntu9.1"
},
{
"binary_name": "libc6-s390",
"binary_version": "2.31-0ubuntu9.1"
},
{
"binary_name": "libc6-s390-dbgsym",
"binary_version": "2.31-0ubuntu9.1"
},
{
"binary_name": "libc6-udeb",
"binary_version": "2.31-0ubuntu9.1"
},
{
"binary_name": "libc6-x32",
"binary_version": "2.31-0ubuntu9.1"
},
{
"binary_name": "libc6-x32-dbgsym",
"binary_version": "2.31-0ubuntu9.1"
},
{
"binary_name": "locales",
"binary_version": "2.31-0ubuntu9.1"
},
{
"binary_name": "locales-all",
"binary_version": "2.31-0ubuntu9.1"
},
{
"binary_name": "nscd",
"binary_version": "2.31-0ubuntu9.1"
},
{
"binary_name": "nscd-dbgsym",
"binary_version": "2.31-0ubuntu9.1"
}
]
}