CVE-2012-2673

Priority
Medium
Description
Multiple integer overflows in the (1) GC_generic_malloc and (2) calloc
functions in malloc.c, and the (3) GC_generic_malloc_ignore_off_page
function in mallocx.c in Boehm-Demers-Weiser GC (libgc) before 7.2 make it
easier for context-dependent attackers to perform memory-related attacks
such as buffer overflows via a large size value, which causes less memory
to be allocated than expected.
References
Bugs
Assigned-to
sbeattie
Package
Source: libgc (LP Ubuntu Debian)
Upstream: needs-triage
Ubuntu 8.04 LTS (Hardy Heron): released (1:6.8-1.1ubuntu0.1)
Ubuntu 10.04 LTS (Lucid Lynx): released (1:6.8-1.2ubuntu1.1)
Ubuntu 11.04 (Natty Narwhal): released (1:6.8-1.2ubuntu3.2)
Ubuntu 11.10 (Oneiric Ocelot): released (1:7.1-8ubuntu0.11.10.1)
Ubuntu 12.04 LTS (Precise Pangolin): released (1:7.1-8ubuntu0.12.04.1)
Ubuntu 12.10 (Quantal Quetzal): released (1:7.1-9)
Patches:
Patch: https://github.com/ivmai/bdwgc/commit/be9df82919960214ee4b9d3313523bff44fd99e1
Patch: https://github.com/ivmai/bdwgc/commit/e10c1eb9908c2774c16b3148b30d2f3823d66a9a
Patch: https://github.com/ivmai/bdwgc/commit/6a93f8e5bcad22137f41b6c60a1c7384baaec2b3
Patch: https://github.com/ivmai/bdwgc/commit/83231d0ab5ed60015797c3d1ad9056295ac3b2bb
Patch: http://anonscm.debian.org/gitweb/?p=collab-maint/libgc.git;a=commitdiff;h=4dd893dc29bdf10a61734cfc863ec035364c72e7
More Information

Updated: 2012-08-29 00:14:36 UTC (commit 5682)