An issue exists in the Linux kernel 5.4 and 5.5 up to and including 5.5.6 on the AArch64 architecture. It ignores the top byte in the address passed to the brk system call, potentially moving the memory break downwards when the application expects it to move upwards, aka CID-dcde237319e6. This has been observed to cause heap corruption with the GNU C Library malloc implementation.
Vulnerable Product |
---|
linux linux kernel |
linux linux kernel 5.4 |
fedoraproject fedora 31 |
netapp cloud backup - |
netapp steelstore cloud integrated storage - |
netapp data availability services - |
netapp solidfire - |
netapp hci management node - |
netapp active iq unified manager - |
netapp h410c_firmware - |