CVE-2019-7309

Name of the Vulnerable Software and Affected Versions glibc versions through 2.29

Description The issue is related to the memcmp function in the GNU C Library, which has insufficient input validation. This can lead to incorrect results, potentially allowing an attacker to cause a denial of service. Specifically, for the x32 architecture, the memcmp function can incorrectly return zero, indicating that the inputs are equal, due to mishandling of the RDX most significant bit.

Recommendations For glibc versions through 2.29, consider updating to a version where this issue is fixed, as the current version may allow an attacker to exploit the memcmp function, leading to a denial of service. At the moment, there is no information about a newer version that contains a fix for this vulnerability.