Stack-based Buffer Overflow in realpath function of GNU C Library (glibc) 2.27 and earlier

Stack-based Buffer Overflow in realpath function of GNU C Library (glibc) 2.27 and earlier

CVE-2018-11236 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution.

Learn more about our Web Application Penetration Testing UK.