CVE-2017-1000378
The CVE-2017-1000378 entry concerns the NetBSD qsort() implementation. The root cause is that qsort() is recursive and not randomized, enabling an attacker to construct a pathological input array of N elements that deterministically recurses N/4 times. This can cause the process to consume arbitr...