An issue exists in CHICKEN Scheme up to and including 4.12.0. When using a nonstandard CHICKEN-specific extension to allocate an SRFI-4 vector in unmanaged memory, the vector size would be used in unsanitised form as an argument to malloc(). With an unexpected size, the impact may have been a segfault or buffer overflow.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
call-cc chicken 4.12.0 |