suse · CVE-2018-6485

Quick triage

Priority: medium Published: 2021-05-30 14:10:41 UTC Updated: 2026-04-17 15:32:32 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2018-6485 severity moderate: SUSE including 510 source package names (0.9.1:glibc-2.22-62.6.2, 1.0.0:glibc-2.22-62.6.2, …), 772 product×package rows across 83 product lines (Container caasp/v4/default-http-backend, Container caasp/v4/dnsmasq-nanny, … (83 product lines)): Fixed 515, Known Affected 157, Known Not Affected 100.

Description:

An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.

cvelogic Threat Intelligence