CVE-2025-5745

Medium CVSS: 5.6

The strncmp implementation optimized for the Power10 processor in the GNU C Library version 2.40 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.

Vendor

Gnu

Product

Glibc

CWE

CWE-665

Yayın Tarihi

2025-06-05 20:15:27

Güncelleme

2025-10-22 14:03:33

Source Identifier

3ff69d7a-14f2-4f67-a097-88dee7810d18

KEV Date Added

Kategoriler

CWE-665 Glibc MEDIUM Gnu 2025

Referanslar

https://sourceware.org/bugzilla/show_bug.cgi?id=33060

Benzer Kayıtlar

Medium

CVE-2026-4647

A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files…

Medium

CVE-2026-3441

A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability, specifically an out-of-bounds read in t…

Medium

CVE-2026-3442

A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an out-of-bounds read,…

Medium

CVE-2025-69648

GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malfor…

Medium

CVE-2025-69647

GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malfor…

High

CVE-2025-69649

GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary wi…