CVE-2018-6337

folly::secureRandom will re-use a buffer between parent and child processes when fork() is called. That will result in multiple forked children producing repeat (or similar) results. This affects HHVM 3.26 prior to 3.26.3 and the folly library between v2017.12.11.00 and v2018.08.09.00.
Configurations

Configuration 1

cpe:2.3:a:facebook:folly:*:*:*:*:*:*:*:*
cpe:2.3:a:facebook:hhvm:*:*:*:*:*:*:*:*

Information

Published : 2018-12-31 10:29

Updated : 2019-10-09 11:41


NVD link : CVE-2018-6337

Mitre link : CVE-2018-6337

Products Affected
No products.
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer