Severity by source
AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Primary rating from NVD.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Lifecycle Timeline
4DescriptionCVE.org
An issue was discovered in musl libc 0.7.10 through 1.2.6. Stack-based memory corruption can occur during qsort of very large arrays, due to incorrectly implemented double-word primitives. The number of elements must exceed about seven million, i.e., the 32nd Leonardo number on 32-bit platforms (or the 64th Leonardo number on 64-bit platforms, which is not practical).
AnalysisAI
Stack-based buffer overflow in musl libc 0.7.10 through 1.2.6 allows local attackers with high complexity requirements to corrupt memory during qsort operations on exceptionally large arrays (exceeding ~7 million elements on 32-bit systems, corresponding to the 32nd Leonardo number). Exploitation requires sorting arrays approaching billion-element scale on 64-bit platforms. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Local attacker or application must call qsort() on arrays exceeding ~7 million elements on 32-bit systems or ~64-bit Leonardo numbers on 64-bit systems. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | CVSS 8.1 reflects severe impact (confidentiality, integrity, availability) via local unauthenticated access on high-complexity conditions. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | Attacker with local system access crafts application invoking qsort() on artificially inflated dataset (>7M elements), triggering stack corruption in musl's double-word primitives. Overflow overwrites stack canaries and return addresses, achieving arbitrary code execution. … |
| Remediation | Monitor musl libc project release page (https://musl.libc.org/releases.html) for patched versions addressing this qsort vulnerability. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Inventory all systems and containers running musl libc versions 0.7.10-1.2.6 (check ldd --version or musl-libc --version; identify Alpine Linux, BusyBox-based images, and embedded Linux deployments). …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Same technique Buffer Overflow
View allVendor StatusVendor
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-21496