CVE-2020-10029: Medium severity GNU glibc vulnerability

Published Mar 4, 2020
·
Updated

Last updated 18 August 2025

Other sources

The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/erempio2l.c.

Launchpad

Affected Software

21 affected componentsFixes available
GNU glibc<2.32.0
Fedoraproject Fedora=30
Fedoraproject Fedora=31
Fedoraproject Fedora=32
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=19.10
openSUSE Leap=15.1
NetApp Active Iq Unified Manager Vmware Vsphere
NetApp Cloud Backup
NetApp Hci Management Node
NetApp Solidfire
NetApp Steelstore Cloud Integrated Storage
All of the following
NetApp H410c Firmware
NetApp H410c
Debian Debian Linux=10.0
NetApp H410c Firmware
NetApp H410c
IBM Watson Studio on Cloud Pak for Data<=4.0
IBM Watson Studio on Cloud Pak for Data<=5.0
debian/glibc
2.31-13+deb11u112.31-13+deb11u132.36-9+deb12u132.36-9+deb12u72.41-12+deb13u12.42-13

Remediation

Patch Available

https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f

Event History

Mar 4, 2020
CVE Published
via MITRE·12:00 AM
Data Sourced
via MITRE·12:00 AM
Description
Aug 28, 2025
Data Sourced
via IBM·12:00 AM
DescriptionAffected Software
Dec 3, 2025
Data Sourced
via Ubuntu·07:21 PM
RemedyDescriptionSeverityAffected Software
Feb 19, 2026
Data Sourced
via Launchpad·08:27 PM
Description
Feb 21, 2026
Data Sourced
via Debian·08:29 PM
DescriptionAffected Software

Parent advisories

This vulnerability appears in the following advisories.

Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Frequently Asked Questions

1

What is CVE-2020-10029?

CVE-2020-10029 is a vulnerability in the GNU C Library (glibc) that could cause a denial of service by overflowing an on-stack buffer.

2

What is the severity of CVE-2020-10029?

The severity of CVE-2020-10029 is medium, with a severity value of 5.5.

3

Which software versions are affected by CVE-2020-10029?

The affected software versions are glibc 2.27-3ubuntu1.2, glibc 2.30, glibc 2.23-0ubuntu11.2, and various versions of glibc from Debian and IBM Cloud Pak for Security.

4

How can CVE-2020-10029 be fixed?

To fix CVE-2020-10029, upgrade to the recommended versions of glibc provided by the respective vendors or distribution maintainers.

5

Where can I find more information about CVE-2020-10029?

You can find more information about CVE-2020-10029 on the CVE Mitre website, Ubuntu Security Notices, and NIST National Vulnerability Database.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203