#VU13200 Buffer overflow in Glibc - CVE-2018-11237
Vulnerability identifier: #VU13200
Vulnerability risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID:
CWE-ID:
CWE-120
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Glibc
Universal components / Libraries /
Libraries used by multiple products
Vendor: GNU
Description
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to an AVX-512-optimized implementation of the mempcpy function may write data beyond the target buffer. A local attacker can trigger buffer overflow in __mempcpy_avx512_no_vzeroupper and execute arbitrary code with elevated privileges.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Glibc: 2.27
External links
https://sourceware.org/ml/libc-alpha/2018-05/msg00713.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
