diff options
| author | Andreas Schwab <schwab@suse.de> | 2018-05-24 14:39:18 +0200 |
|---|---|---|
| committer | Fangrui Song <i@maskray.me> | 2021-08-27 16:22:13 -0700 |
| commit | c4fde9669a5782479c1d6bd964b6339b5130b7e2 (patch) | |
| tree | edd8dca3bce8a748c74bb7a94d2386597244e08b /NEWS | |
| parent | da768de04f2cdbf6117bddb7a23593d6fb4356fb (diff) | |
| download | glibc-c4fde9669a5782479c1d6bd964b6339b5130b7e2.zip glibc-c4fde9669a5782479c1d6bd964b6339b5130b7e2.tar.gz glibc-c4fde9669a5782479c1d6bd964b6339b5130b7e2.tar.bz2 | |
Don't write beyond destination in __mempcpy_avx512_no_vzeroupper (bug 23196)
When compiled as mempcpy, the return value is the end of the destination
buffer, thus it cannot be used to refer to the start of it.
(cherry picked from commit 9aaaab7c6e4176e61c59b0a63c6ba906d875dc0e)
Diffstat (limited to 'NEWS')
| -rw-r--r-- | NEWS | 7 |
1 files changed, 7 insertions, 0 deletions
@@ -48,6 +48,13 @@ The following bugs are resolved with this release: build with -Os) [23152] gd_GB: Fix typo in "May" (abbreviated) [23166] sunrpc: Remove stray exports without --enable-obsolete-rpc + [23196] __mempcpy_avx512_no_vzeroupper mishandles large copies + +Security related changes: + + CVE-2018-11237: The mempcpy implementation for the Intel Xeon Phi + architecture could write beyond the target buffer, resulting in a buffer + overflow. Reported by Andreas Schwab. Version 2.27 |