Описание
A flaw was found in musl libc. This stack-based memory corruption vulnerability occurs when the qsort function processes extremely large arrays due to incorrectly implemented double-word primitives. A local attacker could exploit this by providing a specially crafted, very large array, potentially leading to arbitrary code execution or a denial of service.
Отчет
AN IMPORTANT stack-based memory corruption flaw in musl libc's qsort function could lead to arbitrary code execution or denial of service. This vulnerability requires a local attacker to provide an extremely large, specially crafted array, exceeding millions of elements, making practical exploitation highly improbable in typical Red Hat environments.
Дополнительная информация
Статус:
EPSS
7.8 High
CVSS3
Связанные уязвимости
An issue was discovered in musl libc 0.7.10 through 1.2.6. Stack-based memory corruption can occur during qsort of very large arrays, due to incorrectly implemented double-word primitives. The number of elements must exceed about seven million, i.e., the 32nd Leonardo number on 32-bit platforms (or the 64th Leonardo number on 64-bit platforms, which is not practical).
An issue was discovered in musl libc 0.7.10 through 1.2.6. Stack-based memory corruption can occur during qsort of very large arrays, due to incorrectly implemented double-word primitives. The number of elements must exceed about seven million, i.e., the 32nd Leonardo number on 32-bit platforms (or the 64th Leonardo number on 64-bit platforms, which is not practical).
An issue was discovered in musl libc 0.7.10 through 1.2.6. Stack-based ...
An issue was discovered in musl libc 0.7.10 through 1.2.6. Stack-based memory corruption can occur during qsort of very large arrays, due to incorrectly implemented double-word primitives. The number of elements must exceed about seven million, i.e., the 32nd Leonardo number on 32-bit platforms (or the 64th Leonardo number on 64-bit platforms, which is not practical).
EPSS
7.8 High
CVSS3