An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6 on the AArch64 architecture. It ignores the top byte in the address passed to the brk system call, potentially moving the memory break downwards when the application expects it to move upwards, aka CID-dcde237319e6. This has been observed to cause heap corruption with the GNU C Library malloc implementation.
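
The address handling described above, as an added example that is not part of the CVE record or the kernel source: a simplified user-space model of brk that either ignores the top byte of the requested address or checks the address as given. The struct, the function names, the addresses and the 48-bit address-space limit are assumptions constructed for the illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Simplified user-space model of the check, not kernel code.
 * Assumption: 48-bit user address space; all addresses are constructed. */
#define MODEL_TASK_SIZE (1ULL << 48)

struct model_mm {
    uint64_t start_brk; /* lowest valid break */
    uint64_t brk;       /* current break */
};

/* Ignore bits 63:56 by sign-extending from bit 55. */
static uint64_t strip_top_byte(uint64_t addr)
{
    uint64_t low = addr & ((1ULL << 56) - 1);
    return (low & (1ULL << 55)) ? (low | (0xffULL << 56)) : low;
}

/* Model of brk: returns the new break, or the unchanged break on rejection. */
static uint64_t model_brk(struct model_mm *mm, uint64_t req, int strip_tag)
{
    uint64_t addr = strip_tag ? strip_top_byte(req) : req;

    if (addr < mm->start_brk || addr >= MODEL_TASK_SIZE)
        return mm->brk;
    mm->brk = addr; /* accepted: the break may grow or shrink */
    return mm->brk;
}

/* The caller passes a value numerically above the current break. */
uint64_t demo_break_after(int strip_tag)
{
    struct model_mm mm = { 0x0000aaaac0000000ULL, 0x0000aaaac0200000ULL };
    uint64_t req = 0x0100aaaac0100000ULL; /* top byte 0x01 set */

    return model_brk(&mm, req, strip_tag);
}

int main(void)
{
    printf("top byte ignored: break = 0x%llx\n",
           (unsigned long long)demo_break_after(1));
    printf("top byte checked: break = 0x%llx\n",
           (unsigned long long)demo_break_after(0));
    return 0;
}
```

With the top byte ignored, the model's break drops below its previous value even though the requested address was numerically higher; with the address checked as given, the request is rejected and the break is unchanged.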

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-02-25T17:55:59

Updated: 2024-08-04T10:26:16.079Z

Reserved: 2020-02-25T00:00:00

Link: CVE-2020-9391

NVD

Status: Modified

Published: 2020-02-25T18:15:11.647

Modified: 2023-11-07T03:26:51.937

Link: CVE-2020-9391

Red Hat

Severity: Moderate

Public Date: 2020-02-25T00:00:00Z

Links: CVE-2020-9391 - Bugzilla