Critical vulnerability in Glibc implementation of memcpy function for ARMv7
Security researchers from Cisco have disclosed details of a vulnerability (CVE-2020-6096) in the implementation of the memcpy() function provided in Glibc for the 32-bit ARMv7 platform. The problem is caused by incorrect handling of negative values of the parameter that determines the size of the copied area, due to the use of assembly optimizations that manipulate signed 32-bit integers. Calling memcpy() on ARMv7 systems with a negative size results in incorrect value comparison and […]