From 62cb3ee57d08e05d15cca624af8b01878536ca03 Mon Sep 17 00:00:00 2001 From: Siddhesh Poyarekar Date: Thu, 5 Jun 2025 13:29:00 -0400 Subject: [PATCH] Advisory text for CVE-2025-5702 The fix is not available yet, so this only records the first vulnerable commit. Signed-off-by: Siddhesh Poyarekar --- advisories/GLIBC-SA-2025-0003 | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 advisories/GLIBC-SA-2025-0003 diff --git a/advisories/GLIBC-SA-2025-0003 b/advisories/GLIBC-SA-2025-0003 new file mode 100644 index 0000000000..c5f01c4fe5 --- /dev/null +++ b/advisories/GLIBC-SA-2025-0003 @@ -0,0 +1,26 @@ +power10: strcmp fails to save and restore nonvolatile vector registers + +The Power 10 implementation of strcmp in +sysdeps/powerpc/powerpc64/le/power10/strcmp.S failed to save/restore +nonvolatile vector registers in the 32-byte aligned loop path. This +results in callers reading content from those registers in a different +context, potentially altering program logic. + +There could be a program context where a user controlled string could +leak through strcmp into program code, thus altering its logic. There +is also a potential for sensitive strings passed into strcmp leaking +through the clobbered registers into parts of the calling program that +should otherwise not have had access to those strings. + +The impact of this flaw is limited to applications running on Power 10 +hardware that use the nonvolatile vector registers, i.e. v20 to v31 +assuming that they have been treated in accordance with the OpenPower +psABI. It is possible to work around the issue for those specific +applications by setting the glibc.cpu.hwcaps tunable to "-arch_3_1" like +so: + + export GLIBC_TUNABLES=glibc.cpu.hwcaps=-arch_3_1 + +CVE-id: CVE-2025-5702 +Public-Date: 2025-06-04 +Vulnerable-Commit: 3367d8e180848030d1646f088759f02b8dfe0d6f (2.39) -- 2.47.2