diff --git a/NEWS b/NEWS index 5b2e757e35..6637a2e0c1 100644 --- a/NEWS +++ b/NEWS @@ -59,6 +59,7 @@ The following bugs are resolved with this release: [28769] CVE-2021-3999: Off-by-one buffer overflow/underflow in getcwd() [28770] CVE-2021-3998: Unexpected return value from realpath() for too long results [28784] x86: crash in 32bit memset-sse2.s when the cache size can not be determined + [28850] linux: __get_nprocs_sched reads uninitialized memory from the stack Version 2.34 diff --git a/sysdeps/unix/sysv/linux/getsysstats.c b/sysdeps/unix/sysv/linux/getsysstats.c index 7fc6521942..7babd947aa 100644 --- a/sysdeps/unix/sysv/linux/getsysstats.c +++ b/sysdeps/unix/sysv/linux/getsysstats.c @@ -45,7 +45,7 @@ __get_nprocs_sched (void) int r = INTERNAL_SYSCALL_CALL (sched_getaffinity, 0, cpu_bits_size, cpu_bits); if (r > 0) - return CPU_COUNT_S (cpu_bits_size, (cpu_set_t*) cpu_bits); + return CPU_COUNT_S (r, (cpu_set_t*) cpu_bits); else if (r == -EINVAL) /* The input buffer is still not enough to store the number of cpus. This is an arbitrary values assuming such systems should be rare and there