CVE-2012-4424

Priority
Description
Stack-based buffer overflow in string/strcoll_l.c in the GNU C Library (aka
glibc or libc6) 2.17 and earlier allows context-dependent attackers to
cause a denial of service (crash) or possibly execute arbitrary code via a
long string that triggers a malloc failure and use of the alloca function.
Assigned-to
mdeslaur
Notes
jdstrand: introduced in http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=5358d026c74
Package
Source: glibc (LP Ubuntu Debian)
Upstream: needs-triage
This vulnerability is mitigated in part by the use of gcc's stack protector in Ubuntu. For more details see https://wiki.ubuntu.com/Security/Features#stack-protector

Updated: 2020-09-10 02:14:43 UTC (commit 81a23a978c4436cd99e1d040e9e73e9146876281)