From 37ac8e635a29810318f6d79902102e2e96b2b5bf Mon Sep 17 00:00:00 2001 From: Florian Weimer Date: Wed, 6 Dec 2017 07:39:25 +0100 Subject: [PATCH] Add references to CVE-2017-17426 --- ChangeLog | 1 + NEWS | 5 +++++ 2 files changed, 6 insertions(+) diff --git a/ChangeLog b/ChangeLog index ab41d9d947f..6b752ac3ded 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1164,6 +1164,7 @@ 2017-11-30 Arjun Shankar [BZ #22375] + CVE-2017-17426 * malloc/malloc.c (__libc_malloc): Use checked_request2size instead of request2size. diff --git a/NEWS b/NEWS index dc5fe32cf8a..faa60abe301 100644 --- a/NEWS +++ b/NEWS @@ -112,6 +112,11 @@ Security related changes: without GLOB_NOESCAPE, could write past the end of a buffer while unescaping user names. Reported by Tim Rühsen. + CVE-2017-17426: The malloc function, when called with an object size near + the value SIZE_MAX, would return a pointer to a buffer which is too small, + instead of NULL. This was a regression introduced with the new malloc + thread cache in glibc 2.26. Reported by Iain Buclaw. + The following bugs are resolved with this release: [The release manager will add the list generated by -- 2.39.5