CVE-2021-31873

Priority
Description
An issue was discovered in klibc before 2.0.9. Additions in the malloc()
function may result in an integer overflow and a subsequent heap buffer
overflow.
Assigned-to
litios
Notes
mdeslaur: only used in initramfs, doesn't parse untrusted data
Package
Source: klibc (LP Ubuntu Debian)
Upstream: released (2.0.8-6)
Ubuntu 18.04 LTS: released (2.0.4-9ubuntu2.1)
Ubuntu 20.04 LTS: released (2.0.7-1ubuntu5.1)
Ubuntu 21.10: not-affected (2.0.8-6.1ubuntu2)
Ubuntu 16.04 ESM: released (2.0.4-8ubuntu1.16.04.4+esm1)
Ubuntu 22.04 LTS: not-affected (2.0.8-6.1ubuntu2)
Ubuntu 14.04 ESM: released (2.0.3-0ubuntu1.14.04.3+esm2)
Patches:
Upstream: https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=a31ae8c508fc8d1bca4f57e9f9f88127572d5202

Updated: 2022-04-25 00:55:20 UTC (commit ecc1009cb19540b950de59270950018900f37f15)