Advisory text for CVE-2025-5702

The fix is not available yet, so this only records the first vulnerable
commit.

Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org>

diff --git a/advisories/GLIBC-SA-2025-0003 b/advisories/GLIBC-SA-2025-0003
new file mode 100644 (file)
index 0000000..c5f01c4
--- /dev/null
+++ b/advisories/GLIBC-SA-2025-0003
@@ -0,0 +1,26 @@
+power10: strcmp fails to save and restore nonvolatile vector registers
+
+The Power 10 implementation of strcmp in
+sysdeps/powerpc/powerpc64/le/power10/strcmp.S failed to save/restore
+nonvolatile vector registers in the 32-byte aligned loop path.  This
+results in callers reading content from those registers in a different
+context, potentially altering program logic.
+
+There could be a program context where a user controlled string could
+leak through strcmp into program code, thus altering its logic.  There
+is also a potential for sensitive strings passed into strcmp leaking
+through the clobbered registers into parts of the calling program that
+should otherwise not have had access to those strings.
+
+The impact of this flaw is limited to applications running on Power 10
+hardware that use the nonvolatile vector registers, i.e. v20 to v31
+assuming that they have been treated in accordance with the OpenPower
+psABI.  It is possible to work around the issue for those specific
+applications by setting the glibc.cpu.hwcaps tunable to "-arch_3_1" like
+so:
+
+    export GLIBC_TUNABLES=glibc.cpu.hwcaps=-arch_3_1
+
+CVE-id: CVE-2025-5702
+Public-Date: 2025-06-04
+Vulnerable-Commit: 3367d8e180848030d1646f088759f02b8dfe0d6f (2.39)