Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-6551

Опубликовано: 02 фев. 2018
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 7.5
CVSS3: 9.8

Описание

The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requested, eventually leading to heap corruption.

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

not-affected

precise/esm

not-affected

trusty

not-affected

trusty/esm

not-affected

upstream

needs-triage

xenial

DNE

Показывать по

РелизСтатусПримечание
artful

ignored

end of life
bionic

not-affected

2.27-3ubuntu1
cosmic

not-affected

2.27-3ubuntu1
devel

not-affected

2.27-3ubuntu1
esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

2.27-3ubuntu1
esm-infra/xenial

not-affected

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 61%
0.00419
Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

redhat логотип

CVE-2018-6551

CVSS3: 5.3
redhat
около 8 лет назад

The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requested, eventually leading to heap corruption.

nvd логотип

CVE-2018-6551

CVSS3: 9.8
nvd
около 8 лет назад

The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requested, eventually leading to heap corruption.

debian логотип

CVE-2018-6551

CVSS3: 9.8
debian
около 8 лет назад

The malloc implementation in the GNU C Library (aka glibc or libc6), f ...

github логотип

GHSA-39wv-6252-46w2

CVSS3: 9.8
github
больше 3 лет назад

The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requested, eventually leading to heap corruption.

fstec логотип

BDU:2018-00364

CVSS3: 5.3
fstec
около 8 лет назад

Уязвимость реализации функции malloc библиотеки, обеспечивающей системные вызовы и основные фунции glibc, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 61%
0.00419
Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

Уязвимость CVE-2018-6551