Computer Security
[EN] securityvulns.ru no-pyccku


glibc security vulnerabilities
updated since 03.10.2013
Published:01.12.2013
Source:
SecurityVulns ID:13324
Type:library
Threat Level:
7/10
Description:Integer overflows in pvalloc, valloc, posix_memalign/memalign/aligned_alloc, invalid PTR_MANGLE implementation, getaddrinfo() stack overflow, strcoll_l.c integer overflow and buffer overflow.
Affected:GNU : glibc 2.15
 GNU : glibc 2.5
 GNU : glibc 2.18
CVE:CVE-2013-4788 (The PTR_MANGLE implementation in the GNU C Library (aka glibc or libc6) 2.4, 2.17, and earlier, and Embedded GLIBC (EGLIBC) does not initialize the random value for the pointer guard, which makes it easier for context-dependent attackers to control execution flow by leveraging a buffer-overflow vulnerability in an application and using the known zero value pointer guard to calculate a pointer address.)
 CVE-2013-4458 (Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.18 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that triggers a large number of AF_INET6 address results. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-1914.)
 CVE-2013-4332 (Multiple integer overflows in malloc/malloc.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allow context-dependent attackers to cause a denial of service (heap corruption) via a large value to the (1) pvalloc, (2) valloc, (3) posix_memalign, (4) memalign, or (5) aligned_alloc functions.)
 CVE-2012-4424 (Stack-based buffer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string that triggers a malloc failure and use of the alloca function.)
 CVE-2012-4412 (Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a heap-based buffer overflow.)
Original documentdocumentMANDRIVA, [ MDVSA-2013:284 ] glibc (01.12.2013)
 documentgeinblues_(at)_gmail.com, glibc 2.5 <= reloc types to crash bug (28.10.2013)
 documentSLACKWARE, [slackware-security] glibc (SSA:2013-260-01) (03.10.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod