2 matches found
CVE-2018-1000001
In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to a buffer underflow and potential code execution...
GNU C Library integer overflow vulnerability (CNVD-2018-00256)
The GNU C Library a.k.a. glibc, libc6 is an open-source, free C language compiler released under the LGPL license. An integer overflow vulnerability exists in the 'malloc' function in version 2.26 of the GNU C Library, which stems from the program returning a small block of memory. No information...