CVE-2021-40648 Information

Description

In man2html 1.6g a filename can be created to overwrite the previous size parameter of the next chunk and the fd bk fd_nextsize bk_nextsize of the current chunk. The next chunk is then freed later on causing a freeing of an arbitrary amount of memory.

Reference

http://na.com http://man2html.com https://gist.github.com/untaman/cb58123fe89fc65e3984165db5d40933