Description
Integer overflow in the calloc function in libc/stdlib/malloc.c in jemalloc in libc for FreeBSD 6.4 and NetBSD makes it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, which triggers a memory allocation of one byte.
References (2)
Core 2
Core References
Various Sources x_refsource_misc
http://kqueue.org/blog/2012/03/05/memory-allocator-security-revisited/
Patch x_refsource_confirm
http://svnweb.freebsd.org/base?view=revision&revision=161263
Scores
EPSS
0.0032
EPSS Percentile
54.9%
Details
CWE
CWE-189
Status
published
Products (2)
freebsd/freebsd
6.4
netbsd/netbsd
Published
Jul 25, 2012
Tracked Since
Feb 18, 2026