CVE-2019-1010022 - Vulnerability Details - OpenCVE

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact total

Vendors	Products
Gnu	Glibc

Configuration 1 [-]

cpe:2.3:a:gnu:glibc:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://nvd.nist.gov/vuln/detail/CVE-2019-1010022
https://security-tracker.debian.org/tracker/CVE-2019-1010022
https://sourceware.org/bugzilla/show_bug.cgi?id=22850
https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3
https://ubuntu.com/security/CVE-2019-1010022
https://www.cve.org/CVERecord?id=CVE-2019-1010022

History

Fri, 15 Nov 2024 16:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Fri, 25 Oct 2024 02:00:00 +0000

Type	Values Removed	Values Added
Metrics	threat_severity `Low`	threat_severity `None`

Thu, 24 Oct 2024 14:00:00 +0000

Type	Values Removed	Values Added
Metrics	threat_severity `None`	threat_severity `Low`

MITRE

Status: PUBLISHED

Assigner: dwf

Published: 2019-07-15T03:00:51

Updated: 2024-11-15T15:04:27.415Z

Reserved: 2019-03-20T00:00:00

Link: CVE-2019-1010022

Vulnrichment

Updated: 2024-08-05T03:07:18.071Z

NVD

Status : Modified

Published: 2019-07-15T04:15:13.317

Modified: 2024-11-21T04:17:55.500

Link: CVE-2019-1010022

Redhat

Severity :

Publid Date: 2019-03-20T00:00:00Z

Links: CVE-2019-1010022 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "glibc", "vendor": "GNU C Library", "versions": [{"status": "affected", "version": "current (At least as of 2018-02-16)"}]}], "descriptions": [{"lang": "en", "value": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat."}], "problemTypes": [{"descriptions": [{"description": "Mitigation bypass", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-06-10T16:12:20", "orgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8", "shortName": "dwf"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850"}, {"name": "CVE-2019-1010022", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://security-tracker.debian.org/tracker/CVE-2019-1010022"}, {"name": "CVE-2019-1010022", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://ubuntu.com/security/CVE-2019-1010022"}, {"tags": ["x_refsource_MISC"], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3"}], "tags": ["disputed"], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve-assign@distributedweaknessfiling.org", "ID": "CVE-2019-1010022", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "glibc", "version": {"version_data": [{"version_value": "current (At least as of 2018-02-16)"}]}}]}, "vendor_name": "GNU C Library"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Mitigation bypass"}]}]}, "references": {"reference_data": [{"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", "refsource": "MISC", "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850"}, {"name": "CVE-2019-1010022", "refsource": "DEBIAN", "url": "https://security-tracker.debian.org/tracker/CVE-2019-1010022"}, {"name": "CVE-2019-1010022", "refsource": "UBUNTU", "url": "https://ubuntu.com/security/CVE-2019-1010022"}, {"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", "refsource": "MISC", "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T03:07:18.071Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850"}, {"name": "CVE-2019-1010022", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://security-tracker.debian.org/tracker/CVE-2019-1010022"}, {"name": "CVE-2019-1010022", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://ubuntu.com/security/CVE-2019-1010022"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-04-24T16:01:23.968883Z", "id": "CVE-2019-1010022", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-15T15:04:27.415Z"}}]}, "cveMetadata": {"assignerOrgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8", "assignerShortName": "dwf", "cveId": "CVE-2019-1010022", "datePublished": "2019-07-15T03:00:51", "dateReserved": "2019-03-20T00:00:00", "dateUpdated": "2024-11-15T15:04:27.415Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", "name": "CVE-2019-1010022", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"]}, {"url": "https://ubuntu.com/security/CVE-2019-1010022", "name": "CVE-2019-1010022", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"]}, {"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T03:07:18.071Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2019-1010022", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-04-24T16:01:23.968883Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-15T15:04:19.238Z"}}], "cna": {"tags": ["disputed"], "affected": [{"vendor": "GNU C Library", "product": "glibc", "versions": [{"status": "affected", "version": "current (At least as of 2018-02-16)"}]}], "references": [{"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", "tags": ["x_refsource_MISC"]}, {"url": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", "name": "CVE-2019-1010022", "tags": ["vendor-advisory", "x_refsource_DEBIAN"]}, {"url": "https://ubuntu.com/security/CVE-2019-1010022", "name": "CVE-2019-1010022", "tags": ["vendor-advisory", "x_refsource_UBUNTU"]}, {"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "Mitigation bypass"}]}], "providerMetadata": {"orgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8", "shortName": "dwf", "dateUpdated": "2021-06-10T16:12:20"}, "x_legacyV4Record": {"affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "current (At least as of 2018-02-16)"}]}, "product_name": "glibc"}]}, "vendor_name": "GNU C Library"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", "refsource": "MISC"}, {"url": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", "name": "CVE-2019-1010022", "refsource": "DEBIAN"}, {"url": "https://ubuntu.com/security/CVE-2019-1010022", "name": "CVE-2019-1010022", "refsource": "UBUNTU"}, {"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3", "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Mitigation bypass"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2019-1010022", "STATE": "PUBLIC", "ASSIGNER": "cve-assign@distributedweaknessfiling.org"}}}}, "cveMetadata": {"cveId": "CVE-2019-1010022", "state": "PUBLISHED", "dateUpdated": "2024-11-15T15:04:27.415Z", "dateReserved": "2019-03-20T00:00:00", "assignerOrgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8", "datePublished": "2019-07-15T03:00:51", "assignerShortName": "dwf"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gnu:glibc:-:*:*:*:*:*:*:*", "matchCriteriaId": "68D5A70D-5CEE-4E19-BF35-0245A0E0F6BC", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [{"sourceIdentifier": "josh@bress.net", "tags": ["disputed"]}], "descriptions": [{"lang": "en", "value": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat."}, {"lang": "es", "value": "** EN DISPUTA ** La biblioteca Libc actual de GNU est\u00e1 afectada por: Omisi\u00f3n de Mitigaci\u00f3n. El impacto es: El atacante puede omitir la protecci\u00f3n stack guard. El componente es: nptl. El vector de ataque es: explotar la vulnerabilidad de desbordamiento del b\u00fafer de la pila y utilizar esta vulnerabilidad de omisi\u00f3n para eludir la protecci\u00f3n stack guard. NOTA: Los comentarios de los usuarios indican que \"esto est\u00e1 siendo tratado como un error de no seguridad y no una amenaza real\"."}], "id": "CVE-2019-1010022", "lastModified": "2024-11-21T04:17:55.500", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-07-15T04:15:13.317", "references": [{"source": "josh@bress.net", "url": "https://security-tracker.debian.org/tracker/CVE-2019-1010022"}, {"source": "josh@bress.net", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850"}, {"source": "josh@bress.net", "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3"}, {"source": "josh@bress.net", "url": "https://ubuntu.com/security/CVE-2019-1010022"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security-tracker.debian.org/tracker/CVE-2019-1010022"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://ubuntu.com/security/CVE-2019-1010022"}], "sourceIdentifier": "josh@bress.net", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "glibc: stack guard protection bypass", "id": "1731964", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1731964"}, "csaw": false, "cvss3": {"cvss3_base_score": "0.0", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N", "status": "draft"}, "cwe": "CWE-121->CWE-119->CWE-305", "details": ["GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat.", "[Disputed] GNU Libc is impacted by a mitigation bypass issue in its nptl component, which could allow an attacker to bypass stack guard protections. The stack canary (designed to prevent stack-based buffer overflows) can be overwritten if an attacker already have exploited any stack buffer overflow vulnerability. The vulnerability arises when creating new threads with pthread_create(), where the tcbhead_t structure containing the stack_guard is placed on the thread stack, making it susceptible to overwriting. Although this weakens the stack canary protection, it is categorized as a post-attack mitigation rather than a direct security flaw. Upstream maintainers have indicated that this is being treated as a non-security issue with no immediate threat."], "name": "CVE-2019-1010022", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "glibc", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "glibc", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "glibc", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "glibc", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "glibc", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2019-03-20T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2019-1010022\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-1010022"], "statement": "Red Hat Product Security does not consider this to be a vulnerability. Also, the upstream project recognizes it as a hardening issue [1], they do not classify it as a security flaw.\nHere are some technical notes regarding the issue:\nThe issue relates to a mitigation bypass in the GNU Libc library's NPTL component, allowing attackers to circumvent stack guard protection via a stack buffer overflow. However, this is considered a post-attack mitigation rather than a direct vulnerability. According to the glibc security process [2], an issue must meet specific criteria for direct exploitation to be deemed a security bug.\nIn this case, the bypass of stack canary protection occurs by overwriting the stack_guard in the tcbhead_t structure, but only after a successful stack overflow attack. This issue does not directly lead to code execution. Instead, it weakens an additional layer of protection after an attack has already occurred, thus classifying it as a post-attack hardening issue.\nIn summary, while the issue has security implications, it does not meet the criteria to be classified as a direct security vulnerability.\n[1] https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3\n[2] https://sourceware.org/git/?p=glibc.git;a=blob;f=SECURITY.md"}