Does RHEL glibc have the refactor to qsort() to solve the memory corruption issue?
Issue
- Does RHEL glibc have the refactor to
qsort()to solve the memory corruption issue? - Qualys report "Nontransitive comparison functions lead to out-of-bounds read & write in glibc's qsort()" as described at https://www.openwall.com/lists/oss-security/2024/01/30/7
- glibc 2.39 has a new
qsort()implementation, is this being backported to RHEL's glibc? - Will glibc commits dfa3394a605c - qsort: Fix a typo causing unnecessary malloc/free (BZ 31276) and b9390ba93676 - stdlib: Fix array bounds protection in insertion sort phase of qsort be included in Red Hat Enterprise Linux?
Environment
- Red Hat Enterprise Linux 9
- Red Hat Enterprise Linux 8
- GNU C library (glibc)
qsort()function
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
