1542119 – (CVE-2018-6551) CVE-2018-6551 glibc: integer overflow in malloc functions

Bug 1542119 (CVE-2018-6551) - CVE-2018-6551 glibc: integer overflow in malloc functions

Summary: CVE-2018-6551 glibc: integer overflow in malloc functions

Keywords:
Status:	CLOSED NOTABUG
Alias:	CVE-2018-6551
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1548031 1548035 1548036
Blocks:	1542106
TreeView+	depends on / blocked

Reported:	2018-02-05 15:41 UTC by Laura Pardo
Modified:	2021-02-17 00:51 UTC (History)
CC List:	12 users (show)
Fixed In Version:	glibc 2.27
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2018-02-22 14:56:48 UTC
Embargoed:

Attachments	(Terms of Use)

Description Laura Pardo 2018-02-05 15:41:32 UTC

A flaw was found in glibc. In 2.24, MALLOC_ALIGNMENT was increased on ppc, which led to an integer overflow in _int_malloc. In 2.26, MALLOC_ALIGNMENT was increased on i386 as well, causing the same integer overflow to occur on i386 also. These overflows affect malloc as well as aligned memory allocation functions in cases where the requested alignment is small enough to internally use _int_malloc.


References:
https://sourceware.org/bugzilla/show_bug.cgi?id=22774

Patch:
https://sourceware.org/git/?p=glibc.git;a=commit;h=8e448310d74b283c5cd02b9ed7fb997b47bf9b22

Comment 7 Pedro Yóssis Silva Barbosa 2018-02-22 15:21:01 UTC

Statement:

This issue did not affect the versions of glibc and compat-glibc as shipped with Red Hat Enterprise Linux 5, 6, and 7.

Note You need to log in before you can comment on or make changes to this bug.