[Original text] Multiple integer overflows in TCMalloc (tcmalloc.cc) in gperftools before 0.4 make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, which causes less memory to be allocated than expected.
gperftools tcmalloc.cc Size Value Handling Multiple Overflows
Loss of Integrity
gperftools is prone to multiple overflow conditions. The issue is triggered when tcmalloc.cc handles large size values, where multiple integer overflows occur. This may allow a context-dependent attacker to execute arbitrary code.
Upgrade to version 0.4 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
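The following added example (not gperftools code and not part of the original entry) shows the class of bug described above: size arithmetic that wraps on a large request so that less memory is computed than was asked for, next to a checked form that rejects the request. The page geometry and all function names are hypothetical.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical page geometry for illustration; not gperftools' values. */
#define TOY_PAGE_SHIFT 12u
#define TOY_PAGE_SIZE ((size_t)1 << TOY_PAGE_SHIFT)

/* Unchecked round-up to pages: size + TOY_PAGE_SIZE - 1 wraps modulo 2^N
 * for sizes near SIZE_MAX, so a huge request yields a tiny page count. */
size_t pages_unchecked(size_t size)
{
    return (size + TOY_PAGE_SIZE - 1) >> TOY_PAGE_SHIFT;
}

/* Checked round-up: refuse any size whose rounding would wrap. */
bool pages_checked(size_t size, size_t *pages_out)
{
    if (size > SIZE_MAX - (TOY_PAGE_SIZE - 1))
        return false;
    *pages_out = (size + TOY_PAGE_SIZE - 1) >> TOY_PAGE_SHIFT;
    return true;
}

/* Unchecked element-count multiply, as in a calloc-style request. */
size_t array_bytes_unchecked(size_t n, size_t elem)
{
    return n * elem;
}

/* Checked multiply: divide first to detect the wrap before it happens. */
bool array_bytes_checked(size_t n, size_t elem, size_t *bytes_out)
{
    if (elem != 0 && n > SIZE_MAX / elem)
        return false;
    *bytes_out = n * elem;
    return true;
}

int main(void)
{
    size_t out = 0;
    size_t n = SIZE_MAX / 8 + 2; /* constructed oversized element count */
    printf("unchecked pages for SIZE_MAX: %zu\n", pages_unchecked(SIZE_MAX));
    printf("checked accepts SIZE_MAX: %d\n", pages_checked(SIZE_MAX, &out));
    printf("unchecked bytes for n*8: %zu\n", array_bytes_unchecked(n, 8));
    printf("checked accepts n*8: %d\n", array_bytes_checked(n, 8, &out));
    return 0;
}
```

A caller that trusts the unchecked results would receive a buffer far smaller than the size it goes on to write, which is the under-allocation the entry describes.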