Heap Buffer overflow in Abseil
There exists a heap buffer overflow vulnerable in Abseil-cpp. The sized constructors, reserve(), and rehash() methods of absl::{flat,node}hash{set,map} did not impose an upper bound on their size argument. As a result, it was possible for a caller to pass a very large size that would cause an integer overflow when computing the size of the container's backing store, and a subsequent out-of-bounds memory write. Subsequent accesses to the container might also access out-of-bounds memory. We recommend upgrading past commit 5a0e2cb5e3958dd90bb8569a2766622cb74d90c1
References
Affected products
- <5a0e2cb5e3958dd90bb8569a2766622cb74d90c1
Matching in nixpkgs
pkgs.abseil-cpp_202103
Open-source collection of C++ code designed to augment the C++ standard library
-
nixos-unstable -
- nixpkgs-unstable 20210324.2
pkgs.abseil-cpp_202401
Open-source collection of C++ code designed to augment the C++ standard library
-
nixos-unstable -
- nixpkgs-unstable 20240116.3
pkgs.abseil-cpp_202407
Open-source collection of C++ code designed to augment the C++ standard library
-
nixos-unstable -
- nixpkgs-unstable 20240722.1
pkgs.abseil-cpp_202501
Open-source collection of C++ code designed to augment the C++ standard library
-
nixos-unstable -
- nixpkgs-unstable 20250127.1
pkgs.abseil-cpp_202505
Open-source collection of C++ code designed to augment the C++ standard library
-
nixos-unstable -
- nixpkgs-unstable 20250512.1
pkgs.abseil-cpp_202508
Open-source collection of C++ code designed to augment the C++ standard library
-
nixos-unstable -
- nixpkgs-unstable 20250814.0
Package maintainers
-
@GaetanLepage Gaetan Lepage <gaetan@glepage.com>
-
@andersk Anders Kaseorg <andersk@mit.edu>