The malloc function in the GNU C Library (aka glibc or libc6) 2.26 could return a memory block that is too small if an attempt is made to allocate an object whose size is close to SIZE_MAX, potentially leading to a subsequent heap overflow. This occurs because the per-thread cache (aka tcache) feature enables a code path that lacks an integer overflow check.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2017-12-05T17:00:00Z
Updated: 2024-09-16T16:32:49.604Z
Reserved: 2017-12-05T00:00:00Z
Link: CVE-2017-17426
Vulnrichment
No data.
NVD
Status : Modified
Published: 2017-12-05T17:29:00.940
Modified: 2023-11-07T02:41:42.760
Link: CVE-2017-17426
Redhat