CVE-2020-1751
CVSS 3.1: 7.0 (HIGH)
EPSS: 0.24%
Description
An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.
How to fix CVE-2020-1751
To remediate CVE-2020-1751, upgrade the affected package to a fixed version listed below.
- upgrade to 2.30-3 or later
Is CVE-2020-1751 being exploited?
Low — EPSS is 0.2%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 2.30-3
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH 7.0 | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |