CVE-2018-11237
Description
An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.797
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| SUSE-SU-2018:1562-1(SUSE Linux Enterprise Desktop 12-SP3 ) glibc-2.22-62.13.2.x86_64.rpm | Linux |
| SUSE-SU-2018:1562-1(SUSE Linux Enterprise Desktop 12-SP3 ) glibc-32bit-2.22-62.13.2.x86_64.rpm | Linux |
| SUSE-SU-2018:1562-1(SUSE Linux Enterprise Desktop 12-SP3 ) glibc-debuginfo-2.22-62.13.2.x86_64.rpm | Linux |
| SUSE-SU-2018:1562-1(SUSE Linux Enterprise Desktop 12-SP3 ) glibc-debuginfo-32bit-2.22-62.13.2.x86_64.rpm | Linux |
| SUSE-SU-2018:1562-1(SUSE Linux Enterprise Desktop 12-SP3 ) glibc-debugsource-2.22-62.13.2.x86_64.rpm | Linux |
| SUSE-SU-2018:1562-1(SUSE Linux Enterprise Desktop 12-SP3 ) glibc-devel-2.22-62.13.2.x86_64.rpm | Linux |
| SUSE-SU-2018:1562-1(SUSE Linux Enterprise Desktop 12-SP3 ) glibc-devel-32bit-2.22-62.13.2.x86_64.rpm | Linux |
| SUSE-SU-2018:1562-1(SUSE Linux Enterprise Desktop 12-SP3 ) glibc-devel-debuginfo-2.22-62.13.2.x86_64.rpm | Linux |
| SUSE-SU-2018:1562-1(SUSE Linux Enterprise Desktop 12-SP3 ) glibc-devel-debuginfo-32bit-2.22-62.13.2.x86_64.rpm | Linux |
| SUSE-SU-2018:1562-1(SUSE Linux Enterprise Server 12-SP3 ) glibc-html-2.22-62.13.2.noarch.rpm | Linux |
| SUSE-SU-2018:1562-1(SUSE Linux Enterprise Desktop 12-SP3 ) glibc-i18ndata-2.22-62.13.2.noarch.rpm | Linux |
| SUSE-SU-2018:1562-1(SUSE Linux Enterprise Server 12-SP3 ) glibc-info-2.22-62.13.2.noarch.rpm | Linux |
| SUSE-SU-2018:1562-1(SUSE Linux Enterprise Desktop 12-SP3 ) glibc-locale-2.22-62.13.2.x86_64.rpm | Linux |
| SUSE-SU-2018:1562-1(SUSE Linux Enterprise Desktop 12-SP3 ) glibc-locale-32bit-2.22-62.13.2.x86_64.rpm | Linux |
| SUSE-SU-2018:1562-1(SUSE Linux Enterprise Desktop 12-SP3 ) glibc-locale-debuginfo-2.22-62.13.2.x86_64.rpm | Linux |
| SUSE-SU-2018:1562-1(SUSE Linux Enterprise Desktop 12-SP3 ) glibc-locale-debuginfo-32bit-2.22-62.13.2.x86_64.rpm | Linux |
| SUSE-SU-2018:1562-1(SUSE Linux Enterprise Server 12-SP3 ) glibc-profile-2.22-62.13.2.x86_64.rpm | Linux |
| SUSE-SU-2018:1562-1(SUSE Linux Enterprise Server 12-SP3 ) glibc-profile-32bit-2.22-62.13.2.x86_64.rpm | Linux |
| SUSE-SU-2018:1562-1(SUSE Linux Enterprise Desktop 12-SP3 ) nscd-2.22-62.13.2.x86_64.rpm | Linux |
| SUSE-SU-2018:1562-1(SUSE Linux Enterprise Desktop 12-SP3 ) nscd-debuginfo-2.22-62.13.2.x86_64.rpm | Linux |
| (RHSA-2018:3092) glibc security, bug fix, and enhancement update glibc-2.17-260.el7.i686.rpm | Linux |
| (RHSA-2018:3092) glibc security, bug fix, and enhancement update glibc-2.17-260.el7.x86_64.rpm | Linux |
| (RHSA-2018:3092) glibc security, bug fix, and enhancement update glibc-common-2.17-260.el7.x86_64.rpm | Linux |
| (RHSA-2018:3092) glibc security, bug fix, and enhancement update glibc-devel-2.17-260.el7.i686.rpm | Linux |
| (RHSA-2018:3092) glibc security, bug fix, and enhancement update glibc-devel-2.17-260.el7.x86_64.rpm | Linux |
| (RHSA-2018:3092) glibc security, bug fix, and enhancement update glibc-headers-2.17-260.el7.x86_64.rpm | Linux |
| (RHSA-2018:3092) glibc security, bug fix, and enhancement update glibc-static-2.17-260.el7.i686.rpm | Linux |
| (RHSA-2018:3092) glibc security, bug fix, and enhancement update glibc-static-2.17-260.el7.x86_64.rpm | Linux |
| (RHSA-2018:3092) glibc security, bug fix, and enhancement update glibc-utils-2.17-260.el7.x86_64.rpm | Linux |
| (RHSA-2018:3092) glibc security, bug fix, and enhancement update nscd-2.17-260.el7.x86_64.rpm | Linux |
| GNU C Library (USN-4416-1) libc6_2.27-3ubuntu1.2_i386.deb | Linux |
| GNU C Library (USN-4416-1) libc6_2.27-3ubuntu1.2_amd64.deb | Linux |
| GNU C Library (USN-4416-1) libc6_2.30-0ubuntu2.2_i386.deb | Linux |
| GNU C Library (USN-4416-1) libc6_2.30-0ubuntu2.2_amd64.deb | Linux |
| GNU C Library (USN-4416-1) libc6_2.23-0ubuntu11.2_i386.deb | Linux |
| GNU C Library (USN-4416-1) libc6_2.23-0ubuntu11.2_amd64.deb | Linux |
| Out-of-bounds Write Vulnerability (CVE-2018-11237) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234