{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-09T05:42:54.099","vulnerabilities":[{"cve":{"id":"CVE-2026-0861","sourceIdentifier":"3ff69d7a-14f2-4f67-a097-88dee7810d18","published":"2026-01-14T21:15:52.617","lastModified":"2026-02-03T18:26:25.390","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Passing too large an alignment to the memalign suite of functions (memalign, posix_memalign, aligned_alloc) in the GNU C Library version 2.30 to 2.42 may result in an integer overflow, which could consequently result in a heap corruption.\n\nNote that the attacker must have control over both, the size as well as the alignment arguments of the memalign function to be able to exploit this.  The size parameter must be close enough to PTRDIFF_MAX so as to overflow size_t along with the large alignment argument.  This limits the malicious inputs for the alignment for memalign to the range [1<<62+ 1, 1<<63] and exactly 1<<63 for posix_memalign and aligned_alloc.\n\nTypically the alignment argument passed to such functions is a known constrained quantity (e.g. page size, block size, struct sizes) and is not attacker controlled, because of which this may not be easily exploitable in practice.  An application bug could potentially result in the input alignment being too large, e.g. due to a different buffer overflow or integer overflow in the application or its dependent libraries, but that is again an uncommon usage pattern given typical sources of alignments."},{"lang":"es","value":"Pasar una alineación demasiado grande a la suite de funciones memalign (memalign, posix_memalign, aligned_alloc) en la biblioteca C de GNU versión 2.30 a 2.42 puede resultar en un desbordamiento de entero, lo que podría consecuentemente resultar en una corrupción de montón.\n\nTenga en cuenta que el atacante debe tener control sobre ambos, los argumentos de tamaño y de alineación de la función memalign para poder explotar esto. El parámetro de tamaño debe estar lo suficientemente cerca de PTRDIFF_MAX como para desbordar size_t junto con el argumento de alineación grande. Esto limita las entradas maliciosas para la alineación para memalign al rango [1&lt;&lt;62+ 1, 1&lt;&lt;63] y exactamente 1&lt;&lt;63 para posix_memalign y aligned_alloc.\n\nTípicamente, el argumento de alineación pasado a tales funciones es una cantidad restringida conocida (p. ej., tamaño de página, tamaño de bloque, tamaños de estructura) y no está controlado por el atacante, por lo cual esto podría no ser fácilmente explotable en la práctica. Un error de aplicación podría potencialmente resultar en que la alineación de entrada sea demasiado grande, p. ej., debido a un desbordamiento de búfer diferente o un desbordamiento de entero en la aplicación o sus bibliotecas dependientes, pero ese es de nuevo un patrón de uso poco común dadas las fuentes típicas de alineaciones."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":5.9}]},"weaknesses":[{"source":"3ff69d7a-14f2-4f67-a097-88dee7810d18","type":"Secondary","description":[{"lang":"en","value":"CWE-190"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*","versionStartIncluding":"2.30","versionEndIncluding":"2.42","matchCriteriaId":"695F54F4-F00E-4777-BFA3-CA09D169D050"}]}]}],"references":[{"url":"https://sourceware.org/bugzilla/show_bug.cgi?id=33796","source":"3ff69d7a-14f2-4f67-a097-88dee7810d18","tags":["Exploit"]},{"url":"https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=advisories/GLIBC-SA-2026-0001","source":"3ff69d7a-14f2-4f67-a097-88dee7810d18","tags":["Patch"]},{"url":"http://www.openwall.com/lists/oss-security/2026/01/16/5","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Patch"]}]}}]}