CVE-2018-6337

Published December 31st, 2018

View on NVD ↗

CVSS v3

7.5

HIGH

CVSS v2

MEDIUM

Affected

PROJECTS

Description

folly::secureRandom will re-use a buffer between parent and child processes when fork() is called. That will result in multiple forked children producing repeat (or similar) results. This affects HHVM 3.26 prior to 3.26.3 and the folly library between v2017.12.11.00 and v2018.08.09.00.

facebook/hhvm

A virtual machine for executing programs written in Hack.

GitHub

18.6K

facebook/folly

An open-source C++ library developed and used at Facebook.

GitHub

30.4K