mirror of
https://sourceware.org/git/glibc.git
synced 2024-11-27 03:33:33 +08:00
Record CVE-2018-6485 in ChangeLog and NEWS [BZ #22343]
This commit is contained in:
parent
673e230560
commit
4590634fd6
@ -702,6 +702,7 @@
|
||||
2018-01-18 Arjun Shankar <arjun@redhat.com>
|
||||
|
||||
[BZ #22343]
|
||||
CVE-2018-6485
|
||||
* malloc/malloc.c (checked_request2size): call REQUEST_OUT_OF_RANGE
|
||||
after padding.
|
||||
(_int_memalign): check for integer overflow before calling
|
||||
|
4
NEWS
4
NEWS
@ -258,6 +258,10 @@ Security related changes:
|
||||
succeeds without returning an absolute path due to unexpected behaviour
|
||||
of the Linux kernel getcwd syscall. Reported by halfdog.
|
||||
|
||||
CVE-2018-6485: The posix_memalign and memalign functions, when called with
|
||||
an object size near the value of SIZE_MAX, would return a pointer to a
|
||||
buffer which is too small, instead of NULL. Reported by Jakub Wilk.
|
||||
|
||||
The following bugs are resolved with this release:
|
||||
|
||||
[The release manager will add the list generated by
|
||||
|
Loading…
Reference in New Issue
Block a user