CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2018-6485

CVSS 9.8v3.0pub. 2018-02-01upd. 2024-11-21

An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Gnu Glibc

    APP
    Gnu
    ≤ 2.26
  • Netapp Cloud Backup

    APP
    Netapp
    wszystkie wersje
  • Netapp Data Ontap Edge

    APP
    Netapp
    wszystkie wersje
  • Netapp Element Software

    APP
    Netapp
    wszystkie wersje
  • Netapp Element Software Management

    APP
    Netapp
    wszystkie wersje
  • Netapp Steelstore Cloud Integrated Storage

    APP
    Netapp
    wszystkie wersje
  • Netapp Storage Replication Adapter

    APP
    Netapp
    ≥ 7.2
  • Netapp Vasa Provider

    APP
    Netapp
    6.x≥ 7.2
  • Netapp Virtual Storage Console

    APP
    Netapp
    ≥ 7.2
  • Oracle Communications Session Border Controller

    APP
    Oracle
    8.0.08.1.08.2.0
  • Oracle Enterprise Communications Broker

    APP
    Oracle
    3.0.03.1.0
  • Red Hat Enterprise Linux Desktop

    OS
    Redhat
    7.0
  • Red Hat Enterprise Linux Server

    OS
    Redhat
    7.0
  • Red Hat Enterprise Linux Workstation

    OS
    Redhat
    7.0
  • Red Hat Virtualization Host

    APP
    Redhat
    4.0
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2021-42013CRITICAL9.8⚠ KEVten sam produkt

It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could ...

CVE-2021-41773CRITICAL9.8⚠ KEVten sam produkt

A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a ...

CVE-2021-40438CRITICAL9.0⚠ KEVten sam produkt

A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remot...

CVE-2019-5544CRITICAL9.8⚠ KEVten sam produkt

OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the s...

CVE-2016-4171CRITICAL9.8⚠ KEVten sam produkt

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to execute arbi...