It was discovered that the formatted printing functionality in glibc used extend_alloca() incorrectly. A remote attacker could provide a specially crafted sequence of format specifiers, leading to a desynchronization within the buffer size handling, resulting in the use of uninitialized memory or, potentially, FORTIFY_SOURCE format string protection mechanism bypass, when processed.

References:
http://sourceware.org/bugzilla/show_bug.cgi?id=13446
http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=a4647e727a2a52e1259474c13f4b13288938bed4
Public now/CVEs requested via: http://www.openwall.com/lists/oss-security/2012/07/11/5
A CVE identifier of CVE-2012-3405 has been assigned to this issue.
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6
Via RHSA-2012:1098 https://rhn.redhat.com/errata/RHSA-2012-1098.html
Statement: This issue did not affect the version of glibc as shipped with Red Hat Enterprise Linux 5.
Created glibc tracking bugs for this issue
Affects: fedora-all [bug 841318]
This issue has been addressed in the following products:
RHEV-H and Agents for RHEL-6
Via RHSA-2012:1200 https://rhn.redhat.com/errata/RHSA-2012-1200.html