Buffer overflow vulnerability in AVX-512-optimized mempcpy function in glibc 2.27 and earlier

CVE-2018-11237 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper.

Learn more about our Web Application Penetration Testing UK.