It was discovered that the formatted printing functionality in glibc did not properly honor the size of a structure when calculating the amount of memory to allocate. A remote attacker could provide a specially crafted sequence of format specifiers, leading to an undersized buffer allocation and subsequent stack corruption, resulting in a crash or, potentially, FORTIFY_SOURCE format string protection mechanism bypass, when processed. References: http://sourceware.org/bugzilla/show_bug.cgi?id=12445 http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=84a4211850e3d23a9d3a4f3b294752a3b30bc0ff
Pulic now/CVEs requested via: http://www.openwall.com/lists/oss-security/2012/07/11/5
A CVE identifier of CVE-2012-3404 has been assigned to this issue.
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2012:1098 https://rhn.redhat.com/errata/RHSA-2012-1098.html
Statement: This issue did not affect the version of glibc as shipped with Red Hat Enterprise Linux 5.
This issue has been addressed in following products: RHEV-H and Agents for RHEL-6 Via RHSA-2012:1200 https://rhn.redhat.com/errata/RHSA-2012-1200.html