* [PATCH COMMITTED] Add references to CVE-2017-17426
@ 2017-12-06 6:42 Florian Weimer
0 siblings, 0 replies; only message in thread
From: Florian Weimer @ 2017-12-06 6:42 UTC (permalink / raw)
To: GNU C Library
[-- Attachment #1: Type: text/plain, Size: 42 bytes --]
MITRE assigned a CVE ID.
Thanks,
Florian
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: malloc.patch --]
[-- Type: text/x-patch; name="malloc.patch", Size: 1117 bytes --]
commit 37ac8e635a29810318f6d79902102e2e96b2b5bf
Author: Florian Weimer <fweimer@redhat.com>
Date: Wed Dec 6 07:39:25 2017 +0100
Add references to CVE-2017-17426
diff --git a/ChangeLog b/ChangeLog
index ab41d9d947..6b752ac3de 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1164,6 +1164,7 @@
2017-11-30 Arjun Shankar <arjun@redhat.com>
[BZ #22375]
+ CVE-2017-17426
* malloc/malloc.c (__libc_malloc): Use checked_request2size
instead of request2size.
diff --git a/NEWS b/NEWS
index dc5fe32cf8..faa60abe30 100644
--- a/NEWS
+++ b/NEWS
@@ -112,6 +112,11 @@ Security related changes:
without GLOB_NOESCAPE, could write past the end of a buffer while
unescaping user names. Reported by Tim Rühsen.
+ CVE-2017-17426: The malloc function, when called with an object size near
+ the value SIZE_MAX, would return a pointer to a buffer which is too small,
+ instead of NULL. This was a regression introduced with the new malloc
+ thread cache in glibc 2.26. Reported by Iain Buclaw.
+
The following bugs are resolved with this release:
[The release manager will add the list generated by
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2017-12-06 6:42 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-12-06 6:42 [PATCH COMMITTED] Add references to CVE-2017-17426 Florian Weimer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).