N/A

The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.

N/A

N/A

GNU C Library 安全漏洞

GNU C Library是GNU社区的一种按照LGPL许可协议发布的开源免费的C语言编译程序。 GNU C Library 2.39版本至2.41版本存在安全漏洞，该漏洞源于未保存调用者内容导致控制流被篡改或输入字符串泄露。

N/A

N/A