CVE-2020-0306

NameCVE-2020-0306
DescriptionIn LLVM, there is a possible ineffective stack cookie placement due to stack frame double reservation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-139666480
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severitymedium

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
llvm-toolchain-10 (PTS)bullseye1:10.0.1-6undetermined
sid1:10.0.1-7undetermined
llvm-toolchain-11 (PTS)sid1:11.0.0-3undetermined
llvm-toolchain-8 (PTS)sid1:8.0.1-10undetermined
llvm-toolchain-9 (PTS)bullseye, sid1:9.0.1-14undetermined

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
llvm-toolchain-10source(unstable)undetermined
llvm-toolchain-11source(unstable)undetermined
llvm-toolchain-8source(unstable)undetermined
llvm-toolchain-9source(unstable)undetermined
Search for package or bug name: Reporting problems