https://community.nxp.com/t5/i-MX-Processors/Glibc-2-23-library-CVE-2018-11237/m-p/809097#M124780 <HTML><HEAD></HEAD><BODY><P>Thanks</P></BODY></HTML> Mon, 06 Aug 2018 14:07:11 GMT niranjanbc 2018-08-06T14:07:11Z https://community.nxp.com/t5/i-MX-Processors/Glibc-2-23-library-CVE-2018-11237/m-p/809095#M124778 <HTML><HEAD></HEAD><BODY><P>there is a CVE "<A data-original-title="" href="https://nvd.nist.gov/vuln/detail/CVE-2018-11237" style="color: #003145; background-color: #ffffff; text-decoration: underline;" target="_blank" title="">CVE-2018-11237</A>" reported for Glibc library, which is explained below. does this CVE is applicable to your NXP chips, in our product we are using Imx6solox</P><P></P><P><STRONG>CVE Description:</STRONG></P><P><SPAN style="color: #333333; background-color: #ffffff;">An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper.</SPAN></P><P></P><P>Thanks</P><P>Niranjan</P></BODY></HTML> Wed, 01 Aug 2018 18:01:22 GMT https://community.nxp.com/t5/i-MX-Processors/Glibc-2-23-library-CVE-2018-11237/m-p/809095#M124778 niranjanbc 2018-08-01T18:01:22Z https://community.nxp.com/t5/i-MX-Processors/Glibc-2-23-library-CVE-2018-11237/m-p/809096#M124779 <HTML><HEAD></HEAD><BODY><P>Hello niranjanbc,</P><P></P><P>Not applicable to MX6SoloX,</P><P></P><P>Regards</P></BODY></HTML> Thu, 02 Aug 2018 20:35:41 GMT https://community.nxp.com/t5/i-MX-Processors/Glibc-2-23-library-CVE-2018-11237/m-p/809096#M124779 Bio_TICFSL 2018-08-02T20:35:41Z https://community.nxp.com/t5/i-MX-Processors/Glibc-2-23-library-CVE-2018-11237/m-p/809097#M124780 <HTML><HEAD></HEAD><BODY><P>Thanks</P></BODY></HTML> Mon, 06 Aug 2018 14:07:11 GMT https://community.nxp.com/t5/i-MX-Processors/Glibc-2-23-library-CVE-2018-11237/m-p/809097#M124780 niranjanbc 2018-08-06T14:07:11Z