diff options
author | Florian Weimer <fweimer@redhat.com> | 2018-02-01 15:00:44 +0100 |
---|---|---|
committer | Florian Weimer <fweimer@redhat.com> | 2018-02-01 17:16:53 +0100 |
commit | 4590634fd65162568b9f52fb4beb60aa25da37f2 (patch) | |
tree | a4865bb205135ab854efa2ab3dfa821798677765 | |
parent | 673e230560ac874deed6993d8b9ebaf82e73c408 (diff) | |
download | glibc-4590634fd65162568b9f52fb4beb60aa25da37f2.tar.gz glibc-4590634fd65162568b9f52fb4beb60aa25da37f2.tar.xz glibc-4590634fd65162568b9f52fb4beb60aa25da37f2.zip |
Record CVE-2018-6485 in ChangeLog and NEWS [BZ #22343]
-rw-r--r-- | ChangeLog | 1 | ||||
-rw-r--r-- | NEWS | 4 |
2 files changed, 5 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog index fdf303a42f..713af78d1d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -702,6 +702,7 @@ 2018-01-18 Arjun Shankar <arjun@redhat.com> [BZ #22343] + CVE-2018-6485 * malloc/malloc.c (checked_request2size): call REQUEST_OUT_OF_RANGE after padding. (_int_memalign): check for integer overflow before calling diff --git a/NEWS b/NEWS index 5c27f5c332..70798f6ced 100644 --- a/NEWS +++ b/NEWS @@ -258,6 +258,10 @@ Security related changes: succeeds without returning an absolute path due to unexpected behaviour of the Linux kernel getcwd syscall. Reported by halfdog. + CVE-2018-6485: The posix_memalign and memalign functions, when called with + an object size near the value of SIZE_MAX, would return a pointer to a + buffer which is too small, instead of NULL. Reported by Jakub Wilk. + The following bugs are resolved with this release: [The release manager will add the list generated by |