A flaw was found in glibc. An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.

References: https://sourceware.org/bugzilla/show_bug.cgi?id=22343

Patch: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=8e448310d74b283c5cd02b9ed7fb997b47bf9b22

Created glibc tracking bugs for this issue:

Affects: fedora-all [bug 1542103]
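A caller-side guard for the overflow class described above, as an added example that is not part of this bug report and is not glibc's code or its patch. It assumes a simplified model in which an aligned allocator pads each request to size + alignment + overhead; `ASSUMED_OVERHEAD`, `padded_request_wraps` and `checked_posix_memalign` are hypothetical names chosen for illustration.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200112L   /* declares posix_memalign */
#endif
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Assumed per-request bookkeeping; an illustrative value, not glibc's. */
#define ASSUMED_OVERHEAD ((size_t)64)

/* Simplified model: the allocator internally asks for
 * size + alignment + overhead. Returns true when that sum would wrap past
 * SIZE_MAX, the condition that produces a heap area smaller than requested. */
bool padded_request_wraps(size_t alignment, size_t size, size_t *padded)
{
    if (size > SIZE_MAX - alignment)
        return true;
    size_t sum = size + alignment;
    if (sum > SIZE_MAX - ASSUMED_OVERHEAD)
        return true;
    if (padded != NULL)
        *padded = sum + ASSUMED_OVERHEAD;
    return false;
}

/* Hypothetical wrapper: reject dangerous requests before the allocator
 * ever sees them, then defer to posix_memalign for the real work. */
int checked_posix_memalign(void **out, size_t alignment, size_t size)
{
    if (out == NULL)
        return EINVAL;
    *out = NULL;
    /* POSIX requires a power of two that is a multiple of sizeof(void *). */
    if (alignment == 0 || (alignment & (alignment - 1)) != 0 ||
        alignment % sizeof(void *) != 0)
        return EINVAL;
    if (padded_request_wraps(alignment, size, NULL))
        return ENOMEM;
    return posix_memalign(out, alignment, size);
}
```

A wrapper like this only limits exposure for code that calls it while an unpatched glibc is in place; the fix for the flaw itself is the updated glibc package.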
Statement: This issue affects the versions of glibc and compat-glibc as shipped with Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this issue as having Moderate security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.
glibc-2.26-26.fc27 has been pushed to the Fedora 27 stable repository. If problems still persist, please make note of it in this bug report.
Hi,

I am hoping to see a fix for CVE-2018-6485 in RHEL6

Thanks,
Yogesh Sawant
This issue has been addressed in the following products:

Red Hat Enterprise Linux 7

Via RHSA-2018:3092 https://access.redhat.com/errata/RHSA-2018:3092