CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
36.7%
operator new[] sometimes returns pointers to heap blocks which
are too small. When a new array is allocated, the C++ run-time
has to calculate its size. The product may exceed the maximum
value which can be stored in a machine register. This error is
ignored, and the truncated value is used for the heap allocation.
This may lead to heap overflows and therefore security bugs.
(See http://cert.uni-stuttgart.de/advisories/calloc.php for further
references.)
Author | Note |
---|---|
sbeattie | fixed upstream in gcc 4.8.0 backporting fixes may be problematic for ABI issues gcc-i686-linux-android/xenial is 4.7.4 based |
mdeslaur | gcc-4.7 is not the default xenial compiler and is only used to build a few packages. Fixing this would be intrusive, would require rebuilding those packages, and there is no clear attack vector on them. We will not be fixing gcc-4.7 in xenial. Marking as ignored. |
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
36.7%