In the Linux kernel, the following vulnerability has been resolved:
tools/nolibc/stdlib: fix memory error in realloc()
Pass user_p_len to memcpy() instead of heap->len to prevent realloc()
from copying an extra sizeof(heap) bytes from beyond the allocated
region.
[
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"tools/include/nolibc/stdlib.h"
],
"versions": [
{
"version": "0e0ff638400b",
"lessThan": "5996b2b2dac7",
"status": "affected",
"versionType": "git"
},
{
"version": "0e0ff638400b",
"lessThan": "f678c3c33655",
"status": "affected",
"versionType": "git"
},
{
"version": "0e0ff638400b",
"lessThan": "8019d3dd921f",
"status": "affected",
"versionType": "git"
},
{
"version": "0e0ff638400b",
"lessThan": "4e6f225aefeb",
"status": "affected",
"versionType": "git"
},
{
"version": "0e0ff638400b",
"lessThan": "791f4641142e",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"tools/include/nolibc/stdlib.h"
],
"versions": [
{
"version": "5.19",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.19",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.93",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.12",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.3",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
]
git.kernel.org/stable/c/4e6f225aefeb712cdb870176b6621f02cf235b8c
git.kernel.org/stable/c/5996b2b2dac739f2a27da13de8eee5b85b2550b3
git.kernel.org/stable/c/791f4641142e2aced85de082e5783b4fb0b977c2
git.kernel.org/stable/c/8019d3dd921f39a237a9fab6d2ce716bfac0f983
git.kernel.org/stable/c/f678c3c336559cf3255a32153e9a17c1be4e7c15