Описание
uClibc-ng versions prior to 1.0.37 are vulnerable to integer wrap-around in functions malloc-simple. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| uclibc | fixed | 1.0.54-1 | package |
Примечания
https://www.cisa.gov/uscert/ics/advisories/icsa-21-119-04
https://github.com/wbx-github/uclibc-ng/commit/015d5b8c1a75b551f7f0215543fac01d55abfc0f (v1.0.37)
Связанные уязвимости
uClibc-ng versions prior to 1.0.37 are vulnerable to integer wrap-around in functions malloc-simple. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution.
uClibc-ng versions prior to 1.0.37 are vulnerable to integer wrap-around in functions malloc-simple. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution.
Уязвимость библиотеки uClibc для операционных систем семейства Linux, связанная с возможностью целочисленного переполнения, позволяющая нарушителю выполнить произвольный код