ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

CVE-2020-29573 vulnerability

book

Article ID: 221937

calendar_today

Updated On:

Products

Messaging Gateway for Service Providers

Issue/Introduction

Is SMG-SP affected by CVE-2020-29573?


CVE-2020-29573:
A stack buffer overflow flaw was found in glibc in the printf family of functions. sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \x00\x04\x00\x00\x00\x00\x00\x00\x00\x04 value to sprintf.

 

 

Environment

Release : 10.6

 

Resolution

Messaging Gateway for Service Providers (SMG-SP)10.6 is not affected by this vulnerability.