Multiple integer overflows in malloc/malloc.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allow context-dependent attackers to cause a denial of service (heap corruption) via a large value to the (1) pvalloc, (2) valloc, (3) posix_memalign, (4) memalign, or (5) aligned_alloc functions.
Vector
NETWORK
Complexity
MEDIUM
Authentication
NONE
Confidentiality
NONE
Integrity
NONE
Availability
PARTIAL
GNU glibc 2.13
GNU glibc 2.14
GNU glibc 2.1
GNU glibc 2.11
GNU glibc 2.1.9
GNU glibc 2.14.1
GNU glibc 2.11.3
GNU glibc 2.12.2
GNU glibc 2.11.2
GNU glibc 2.12.1
GNU glibc 2.0
GNU glibc 2.0.1
GNU glibc 2.11.1
GNU glibc 2.0.5
GNU glibc 2.10.1
GNU glibc 2.0.4
GNU glibc 2.1.3
GNU glibc 2.0.3
GNU glibc 2.15
GNU glibc 2.1.2
GNU glibc 2.0.2
GNU glibc 2.1.1
GNU glibc 2.1.1.6
GNU glibc 2.18
GNU glibc 2.16
GNU glibc 2.17
GNU glibc 2.0.6