Will Newton

**Name of the Vulnerable Software and Affected Versions** glibc versions 2.18 and earlier **Description** The issue is caused by multiple integer overflows in the malloc/malloc.c file of the GNU C Library, which allows context-dependent attackers to cause a denial of service, resulting in heap corruption. This can be achieved by providing a large value to the `pvalloc`, `valloc`, `posix memalign`, `memalign`, or `aligned alloc` functions. **Recommendations** For glibc versions 2.18 and earlier, consider disabling the use of the `pvalloc`, `valloc`, `posix memalign`, `memalign`, and `aligned alloc` functions until a patch is available. Restrict access to these functions to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.