Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The PTR_MANGLE implementation in the GNU C Library (aka glibc or libc6) 2.4, 2.17, and earlier, and Embedded GLIBC (EGLIBC) does not initialize the random value for the pointer guard, which makes it easier for context-dependent attackers to control execution flow by leveraging a buffer-overflow vulnerability in an application and using the known zero value pointer guard to calculate a pointer address.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
GNU C Library 缓冲区错误漏洞
Vulnerability Description
GNU C Library(glibc,libc6)是一种按照LGPL许可协议发布的开源免费的C语言编译程序。 GNU C Library 2.4版本和2.17及之前的版本,Embedded GLIBC中的PTR_MANGLE实现中存在输入验证漏洞,该漏洞源于程序没有初始化‘pointer guard’的随机值。攻击者可利用该漏洞控制流程,并使用已知的零指针值计算指针地址。
CVSS Information
N/A
Vulnerability Type
N/A