Description
The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requested, eventually leading to heap corruption.
References (3)
Core 3
Core References
Patch x_refsource_confirm
https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=8e448310d74b283c5cd02b9ed7fb997b47bf9b22
Issue Tracking, Mailing List, Third Party Advisory x_refsource_confirm
https://sourceware.org/bugzilla/show_bug.cgi?id=22774
Vendor Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20190404-0003/
Scores
CVSS v3
9.8
EPSS
0.0042
EPSS Percentile
61.9%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-190
CWE-787
Status
published
Products (1)
gnu/glibc
2.24 - 2.26
Published
Feb 02, 2018
Tracked Since
Feb 18, 2026