Bug 1007545 - (CVE-2013-4332) CVE-2013-4332 glibc: three integer overflows in memory allocator
CVE-2013-4332 glibc: three integer overflows in memory allocator
Status: CLOSED ERRATA
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
medium Severity medium
: ---
: ---
Assigned To: Red Hat Product Security
impact=moderate,public=20130820,repor...
: Security
Depends On: 1008298 1008299 1008310 1011804 1011805
Blocks: 974906 1007547
  Show dependency treegraph
 
Reported: 2013-09-12 14:06 EDT by Vincent Danen
Modified: 2016-03-04 07:03 EST (History)
11 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in glibc's memory allocator functions (pvalloc, valloc, and memalign). If an application used such a function, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-11-22 01:06:25 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Vincent Danen 2013-09-12 14:06:03 EDT
Will Newton reported [1] three integer overflow flaws in the glibc memory allocator functions: pvalloc [2],[3], valloc [4],[5], and posix_memalign/memalign/assigned_alloc [6],[7].  These issues cause a large allocation size to wrap around and cause a wrong sized allocation and heap corruption.


[1] http://www.openwall.com/lists/oss-security/2013/09/11/2
[2] https://sourceware.org/bugzilla/show_bug.cgi?id=15855
[3] http://sourceware.org/git/?p=glibc.git;a=commit;h=1159a193696ad48ec86e5895f6dee3e539619c0e
[4] https://sourceware.org/bugzilla/show_bug.cgi?id=15856
[5] http://sourceware.org/git/?p=glibc.git;a=commit;h=55e17aadc1ef17a1df9626fb0e9fba290ece3331
[6] https://sourceware.org/bugzilla/show_bug.cgi?id=15857
[7] http://sourceware.org/git/?p=glibc.git;a=commit;h=b73ed247781d533628b681f57257dc85882645d3
Comment 2 Huzaifa S. Sidhpurwala 2013-09-16 02:06:23 EDT
Created glibc tracking bugs for this issue:

Affects: fedora-all [bug 1008299]
Comment 4 Carlos O'Donell 2013-09-17 16:07:30 EDT
The glibc team is aware of this bug and will be backporting the upstream fixes.
Comment 7 Fedora Update System 2013-09-26 02:12:42 EDT
glibc-2.18-9.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 8 Fedora Update System 2013-09-27 20:06:46 EDT
glibc-2.17-18.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 9 errata-xmlrpc 2013-10-08 12:24:45 EDT
This issue has been addressed in following products:

  Red Hat Enterprise Linux 5

Via RHSA-2013:1411 https://rhn.redhat.com/errata/RHSA-2013-1411.html
Comment 10 errata-xmlrpc 2013-11-21 06:03:38 EST
This issue has been addressed in following products:

  Red Hat Enterprise Linux 6

Via RHSA-2013:1605 https://rhn.redhat.com/errata/RHSA-2013-1605.html

Note You need to log in before you can comment on or make changes to this bug.