CVE-2013-4237
Published: 9 October 2013
sysdeps/posix/readdir_r.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a crafted (1) NTFS or (2) CIFS image.
Notes
| Author | Note |
|---|---|
| jdstrand | may only affect powerpc in practice |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
eglibc Launchpad, Ubuntu, Debian |
upstream |
Needed
|
| lucid |
Released
(2.11.1-0ubuntu7.13)
|
|
| precise |
Released
(2.15-0ubuntu10.5)
|
|
| quantal |
Released
(2.15-0ubuntu20.2)
|
|
| raring |
Released
(2.17-0ubuntu5.1)
|
|
| saucy |
Released
(2.17-93ubuntu2)
|
|
|
Patches: other: http://sourceware.org/ml/libc-alpha/2013-05/msg00445.html upstream: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=91ce40854d0b7f865cf5024ef95a8026b76096f3 |
||