Summary: | <sys-libs/glibc-2.19-r1: Three integer overflows in glibc memory allocator (CVE-2013-4332) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | toolchain, ulenrich |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.openwall.com/lists/oss-security/2013/09/11/2 | ||
Whiteboard: | A2 [glsa cleanup] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 518364 | ||
Bug Blocks: |
Description
Agostino Sarubbo
2013-09-12 05:11:26 UTC
Number 1: https://sourceware.org/bugzilla/show_bug.cgi?id=15855 FIX: Fixed in commit 1159a193696ad48ec86e5895f6dee3e539619c0e. Number 2: https://sourceware.org/bugzilla/show_bug.cgi?id=15856 Fix: Fixed in commit 55e17aadc1ef17a1df9626fb0e9fba290ece3331. Number 3: https://sourceware.org/bugzilla/show_bug.cgi?id=15857 Fix: Fixed in commit b73ed247781d533628b681f57257dc85882645d3. CVE-2013-4332 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4332): Multiple integer overflows in malloc/malloc.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allow context-dependent attackers to cause a denial of service (heap corruption) via a large value to the (1) pvalloc, (2) valloc, (3) posix_memalign, (4) memalign, or (5) aligned_alloc functions. *** Bug 494444 has been marked as a duplicate of this bug. *** My duplicate with the sampled patches from Debian~unstable source https://bugs.gentoo.org/show_bug.cgi?id=494444 has not only "Check for overflow." but also a patch to "stack_chk_guard" and a Debian proposal to not crash when a locale doesn't exist. Shouldn't this bug block the stabilization of glibc 2.17? i've cherry picked this into the glibc-2.18 patchset Maintainer(s), please drop the vulnerable version(s). Added to an existing GLSA Request. This issue was resolved and addressed in GLSA 201503-04 at http://security.gentoo.org/glsa/glsa-201503-04.xml by GLSA coordinator Kristian Fiskerstrand (K_F). |