A flaw was found in glibc. In 2.24, MALLOC_ALIGNMENT was increased on ppc, which led to an integer overflow in _int_malloc. In 2.26, MALLOC_ALIGNMENT was increased on i386 as well, causing the same integer overflow to occur on i386 also. These overflows affect malloc as well as aligned memory allocation functions in cases where the requested alignment is small enough to internally use _int_malloc. References: https://sourceware.org/bugzilla/show_bug.cgi?id=22774 Patch: https://sourceware.org/git/?p=glibc.git;a=commit;h=8e448310d74b283c5cd02b9ed7fb997b47bf9b22
Statement: This issue did not affect the versions of glibc and compat-glibc as shipped with Red Hat Enterprise Linux 5, 6, and 7.