diff options
| -rw-r--r-- | ChangeLog | 1 | ||||
| -rw-r--r-- | NEWS | 4 |
2 files changed, 5 insertions, 0 deletions
@@ -702,6 +702,7 @@ 2018-01-18 Arjun Shankar <arjun@redhat.com> [BZ #22343] + CVE-2018-6485 * malloc/malloc.c (checked_request2size): call REQUEST_OUT_OF_RANGE after padding. (_int_memalign): check for integer overflow before calling @@ -258,6 +258,10 @@ Security related changes: succeeds without returning an absolute path due to unexpected behaviour of the Linux kernel getcwd syscall. Reported by halfdog. + CVE-2018-6485: The posix_memalign and memalign functions, when called with + an object size near the value of SIZE_MAX, would return a pointer to a + buffer which is too small, instead of NULL. Reported by Jakub Wilk. + The following bugs are resolved with this release: [The release manager will add the list generated by |