CVE-2013-4332
Published: 9 October 2013
Multiple integer overflows in malloc/malloc.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allow context-dependent attackers to cause a denial of service (heap corruption) via a large value to the (1) pvalloc, (2) valloc, (3) posix_memalign, (4) memalign, or (5) aligned_alloc functions.
Priority
Status
| Package | Release | Status |
|---|---|---|
|
eglibc Launchpad, Ubuntu, Debian |
upstream |
Released
(2.17-93)
|
| lucid |
Released
(2.11.1-0ubuntu7.13)
|
|
| precise |
Released
(2.15-0ubuntu10.5)
|
|
| quantal |
Released
(2.15-0ubuntu20.2)
|
|
| raring |
Released
(2.17-0ubuntu5.1)
|
|
| saucy |
Not vulnerable
(2.17-93ubuntu1)
|
|
|
Patches: upstream: https://sourceware.org/git/?p=glibc.git;a=commit;h=1159a193696ad48ec86e5895f6dee3e539619c0e upstream: https://sourceware.org/git/?p=glibc.git;a=commit;h=55e17aadc1ef17a1df9626fb0e9fba290ece3331 upstream: https://sourceware.org/git/?p=glibc.git;a=commit;h=b73ed247781d533628b681f57257dc85882645d3 |
||