MONDAY, APRIL 20, 2026 GLIBC DIGEST · OPEN-SOURCE SYSTEMS DAILY VOL. 1 · NO. 110
Late Edition · APRIL 20, 2026 · VOL. 1 · NO. 110
The glibc Digest
— A Daily Record of the GNU C Library —
FRIDAY, APRIL 17, 2026
stdio-common Ready to Land

Fix buffer overflow in scanf %mc

This patch fixes a buffer overflow vulnerability in scanf's %mc format specifier, identified as CVE-2026-5450.

By Carlos O'Donell <[email protected]> April 17, 2026 Sentiment 9 / 10

This patch corrects a buffer overflow in vfscanf-internal.c related to the %mc and %mC format specifiers. The issue occurs during buffer enlargement, where one byte less than required is allocated. The patch has been reviewed and the reviewer’s approval can be kept for v6 if the fix remains unchanged.

Technical Tradeoffs

  • Modifies the buffer resizing logic in `vfscanf-internal.c`.
Filed Under: stdioscanfvfscanfbuffer overflowsecurity
View Original Thread →