WTF/wtf/FastBitVector.h in WebKit, as distributed in Safari Technology Preview Release 46, allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact because it calls the FastBitVectorWordOwner::resizeSlow function (in WTF/wtf/FastBitVector.cpp) for a purpose other than initializing a bitvector size, and resizeSlow mishandles cases where the old array length is greater than the new array length.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2017-12-21T03:00:00
Updated: 2024-08-05T20:59:18.000Z
Reserved: 2017-12-20T00:00:00
Link: CVE-2017-17821
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2017-12-21T03:29:00.630
Modified: 2018-01-10T23:05:01.467
Link: CVE-2017-17821
Redhat
No data.