Stack Buffer Overflow in GNU C Library's Range Reduction during 80-bit Long Double Function

Stack Buffer Overflow in GNU C Library's Range Reduction during 80-bit Long Double Function

CVE-2020-10029 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.

Learn more about our Web Application Penetration Testing UK.