Bug 484646 (CVE-2013-4332) - <sys-libs/glibc-2.19-r1: Three integer overflows in glibc memory allocator (CVE-2013-4332)
Status: RESOLVED FIXED
Alias: CVE-2013-4332
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal major
Assignee: Gentoo Security
URL: http://www.openwall.com/lists/oss-sec...
Whiteboard: A2 [glsa cleanup]
Duplicates: 494444
Depends on: 518364

Reported: 2013-09-12 05:11 UTC by Agostino Sarubbo
Modified: 2015-03-08 14:54 UTC (History)
Description Agostino Sarubbo gentoo-dev 2013-09-12 05:11:26 UTC
From ${URL} :

I recently discovered three integer overflow issues in the glibc
memory allocator functions pvalloc, valloc and
posix_memalign/memalign/aligned_alloc. These issues cause a large
allocation size to wrap around and cause a wrong sized allocation and
heap corruption. The issues are fixed in glibc mainline.

The relevant glibc bugzilla entries are here:

https://sourceware.org/bugzilla/show_bug.cgi?id=15855
https://sourceware.org/bugzilla/show_bug.cgi?id=15856
https://sourceware.org/bugzilla/show_bug.cgi?id=15857


@maintainer(s): after the bump, in case we need to stabilize the package, please say explicitly if it is ready for the stabilization or not.
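
The size wraparound described in the report above, shown as an added C illustration (not glibc's code and not part of the original report): a simplified model of how padding a very large request for alignment wraps around, next to a guarded version that rejects the request with ENOMEM. `PAGE_SZ`, `OVERHEAD`, and all function names are assumptions made for the example.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define PAGE_SZ  ((size_t)4096) /* assumed page size */
#define OVERHEAD ((size_t)32)   /* assumed per-chunk bookkeeping bytes */

/* Unchecked model: an aligned allocator over-allocates by alignment plus
   bookkeeping so an aligned address fits. size_t arithmetic is modulo
   2^N, so a request near SIZE_MAX wraps to a tiny size. */
static size_t padded_unchecked(size_t bytes, size_t alignment)
{
    return bytes + alignment + OVERHEAD;
}

/* Checked model: reject any request whose padded size is unrepresentable.
   Returns 0 and stores the size in *out, or -1 with errno = ENOMEM. */
static int padded_checked(size_t bytes, size_t alignment, size_t *out)
{
    if (alignment > SIZE_MAX - OVERHEAD ||
        bytes > SIZE_MAX - OVERHEAD - alignment) {
        errno = ENOMEM;
        return -1;
    }
    *out = bytes + alignment + OVERHEAD;
    return 0;
}

/* Page-granular variant: round up to whole pages, then pad for page
   alignment. Both steps can wrap, so both are guarded. */
static int page_padded_checked(size_t bytes, size_t *out)
{
    if (bytes > SIZE_MAX - (PAGE_SZ - 1)) {
        errno = ENOMEM;
        return -1;
    }
    return padded_checked((bytes + PAGE_SZ - 1) & ~(PAGE_SZ - 1), PAGE_SZ, out);
}

int main(void)
{
    size_t huge = SIZE_MAX - 10, got = 0; /* constructed sample request */
    printf("unchecked: %zu -> %zu\n", huge, padded_unchecked(huge, 64));
    printf("checked:   %s\n", padded_checked(huge, 64, &got) ? "ENOMEM" : "ok");
    if (page_padded_checked(5000, &got) == 0)
        printf("pages:     5000 -> %zu\n", got);
    return 0;
}
```

In the unchecked model the caller believes it holds nearly `SIZE_MAX` bytes while the backing size is only 85, which is the wrong-sized allocation the report describes.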
Comment 1 Yury German Gentoo Infrastructure gentoo-dev 2013-10-03 04:28:45 UTC
Number 1:
https://sourceware.org/bugzilla/show_bug.cgi?id=15855

FIX:
Fixed in commit 1159a193696ad48ec86e5895f6dee3e539619c0e.

Number 2:
https://sourceware.org/bugzilla/show_bug.cgi?id=15856

Fix:
Fixed in commit 55e17aadc1ef17a1df9626fb0e9fba290ece3331.


Number 3:
https://sourceware.org/bugzilla/show_bug.cgi?id=15857

Fix:
Fixed in commit b73ed247781d533628b681f57257dc85882645d3.
Comment 2 GLSAMaker/CVETool Bot gentoo-dev 2013-10-15 03:18:35 UTC
CVE-2013-4332 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4332):
  Multiple integer overflows in malloc/malloc.c in the GNU C Library (aka
  glibc or libc6) 2.18 and earlier allow context-dependent attackers to cause
  a denial of service (heap corruption) via a large value to the (1) pvalloc,
  (2) valloc, (3) posix_memalign, (4) memalign, or (5) aligned_alloc
  functions.
Comment 3 Jeroen Roovers (RETIRED) gentoo-dev 2013-12-16 13:21:18 UTC
*** Bug 494444 has been marked as a duplicate of this bug. ***
Comment 4 Ulenrich 2013-12-30 13:16:32 UTC
My duplicate with the sampled patches from Debian~unstable source
https://bugs.gentoo.org/show_bug.cgi?id=494444

has not only "Check for overflow."
but also a patch to "stack_chk_guard"
and a Debian proposal to not crash when a locale doesn't exist.
Comment 5 Steev Klimaszewski (RETIRED) gentoo-dev 2014-01-05 00:54:02 UTC
Shouldn't this bug block the stabilization of glibc 2.17?
Comment 6 SpanKY gentoo-dev 2014-02-18 19:23:58 UTC
I've cherry-picked this into the glibc-2.18 patchset.
Comment 7 Yury German Gentoo Infrastructure gentoo-dev 2015-03-03 03:43:39 UTC
Maintainer(s), please drop the vulnerable version(s).

Added to an existing GLSA Request.
Comment 8 GLSAMaker/CVETool Bot gentoo-dev 2015-03-08 14:54:11 UTC
This issue was resolved and addressed in
 GLSA 201503-04 at http://security.gentoo.org/glsa/glsa-201503-04.xml
by GLSA coordinator Kristian Fiskerstrand (K_F).