Launchpad CVE tracker

CVE 2018-6551

The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requested, eventually leading to heap corruption.

Related bugs and status

CVE-2018-6551 (Candidate) is related to these bugs:

Bug #1773363: glibc tst-preadvwritev2 and tst-preadvwritev64v2 fail with Linux 4.16+

		In	Importance	Status
1773363	glibc tst-preadvwritev2 and tst-preadvwritev64v2 fail with Linux 4.16+	glibc (Ubuntu)	Undecided	Confirmed
1773363	glibc tst-preadvwritev2 and tst-preadvwritev64v2 fail with Linux 4.16+	GLibC	Medium	Fix Released
1773363	glibc tst-preadvwritev2 and tst-preadvwritev64v2 fail with Linux 4.16+	glibc (Ubuntu Bionic)	Undecided	Confirmed
1773363	glibc tst-preadvwritev2 and tst-preadvwritev64v2 fail with Linux 4.16+	glibc (Ubuntu Cosmic)	Undecided	Won't Fix
1773363	glibc tst-preadvwritev2 and tst-preadvwritev64v2 fail with Linux 4.16+	linux (Ubuntu)	Medium	Confirmed
1773363	glibc tst-preadvwritev2 and tst-preadvwritev64v2 fail with Linux 4.16+	linux (Ubuntu Bionic)	Undecided	Confirmed
1773363	glibc tst-preadvwritev2 and tst-preadvwritev64v2 fail with Linux 4.16+	linux (Ubuntu Cosmic)	Undecided	Won't Fix

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2018-6551

References