From: Siddhesh Poyarekar Date: Thu, 5 Jun 2025 17:29:00 +0000 (-0400) Subject: Advisory text for CVE-2025-5702 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=62cb3ee57d08e05d15cca624af8b01878536ca03;p=thirdparty%2Fglibc.git Advisory text for CVE-2025-5702 The fix is not available yet, so this only records the first vulnerable commit. Signed-off-by: Siddhesh Poyarekar --- diff --git a/advisories/GLIBC-SA-2025-0003 b/advisories/GLIBC-SA-2025-0003 new file mode 100644 index 0000000000..c5f01c4fe5 --- /dev/null +++ b/advisories/GLIBC-SA-2025-0003 @@ -0,0 +1,26 @@ +power10: strcmp fails to save and restore nonvolatile vector registers + +The Power 10 implementation of strcmp in +sysdeps/powerpc/powerpc64/le/power10/strcmp.S failed to save/restore +nonvolatile vector registers in the 32-byte aligned loop path. This +results in callers reading content from those registers in a different +context, potentially altering program logic. + +There could be a program context where a user controlled string could +leak through strcmp into program code, thus altering its logic. There +is also a potential for sensitive strings passed into strcmp leaking +through the clobbered registers into parts of the calling program that +should otherwise not have had access to those strings. + +The impact of this flaw is limited to applications running on Power 10 +hardware that use the nonvolatile vector registers, i.e. v20 to v31 +assuming that they have been treated in accordance with the OpenPower +psABI. It is possible to work around the issue for those specific +applications by setting the glibc.cpu.hwcaps tunable to "-arch_3_1" like +so: + + export GLIBC_TUNABLES=glibc.cpu.hwcaps=-arch_3_1 + +CVE-id: CVE-2025-5702 +Public-Date: 2025-06-04 +Vulnerable-Commit: 3367d8e180848030d1646f088759f02b8dfe0d6f (2.39)