Описание
An issue was discovered in klibc before 2.0.9. Multiplication in the calloc() function may result in an integer overflow and a subsequent heap buffer overflow.
Ссылки
- Mailing ListRelease NotesThird Party Advisory
- PatchThird Party Advisory
- Release NotesThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListRelease NotesThird Party Advisory
- Mailing ListRelease NotesThird Party Advisory
- PatchThird Party Advisory
- Release NotesThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListRelease NotesThird Party Advisory
Уязвимые конфигурации
EPSS
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
Связанные уязвимости
An issue was discovered in klibc before 2.0.9. Multiplication in the calloc() function may result in an integer overflow and a subsequent heap buffer overflow.
An issue was discovered in klibc before 2.0.9. Multiplication in the c ...
An issue was discovered in klibc before 2.0.9. Multiplication in the calloc() function may result in an integer overflow and a subsequent heap buffer overflow.
Уязвимость функции calloc() библиотеки среды выполнения Klibc, связанная с целочисленным переполнением, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
EPSS
9.8 Critical
CVSS3
7.5 High
CVSS2