ID CVE-2012-2673
Summary Multiple integer overflows in the (1) GC_generic_malloc and (2) calloc functions in malloc.c, and the (3) GC_generic_malloc_ignore_off_page function in mallocx.c in Boehm-Demers-Weiser GC (libgc) before 7.2 make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, which causes less memory to be allocated than expected.
References
Vulnerable Configurations
  • Boehm-Demers-Weiser Garbace Collector (libgc) 7.2 alpha 6
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.2:alpha6
  • Boehm-Demers-Weiser Garbace Collector (libgc) 7.2 alpha 4
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.2:alpha4
  • Boehm-Demers-Weiser Garbace Collector (libgc) 7.2 alpha 2
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.2:alpha2
  • Boehm-Demers-Weiser Garbace Collector (libgc) 7.1
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.1
  • Boehm-Demers-Weiser Garbace Collector (libgc) 7.1 alpha 2
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.1:alpha2
  • Boehm-Demers-Weiser Garbace Collector (libgc) 7.0
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.0
  • Boehm-Demers-Weiser Garbace Collector (libgc) 7.0 alpha 9
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.0:alpha9
  • Boehm-Demers-Weiser Garbace Collector (libgc) 7.0 alpha 7
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.0:alpha7
  • Boehm-Demers-Weiser Garbace Collector (libgc) 7.0 alpha 5
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.0:alpha5
  • Boehm-Demers-Weiser Garbace Collector (libgc) 7.0 alpha 4
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.0:alpha4
  • Boehm-Demers-Weiser Garbace Collector (libgc) 7.0 alpha 3
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.0:alpha3
  • Boehm-Demers-Weiser Garbace Collector (libgc) 7.0 alpha 2
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.0:alpha2
  • Boehm-Demers-Weiser Garbace Collector (libgc) 7.0 alpha 1
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.0:alpha1
  • Boehm-Demers-Weiser Garbace Collector (libgc) 6.9
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.9
  • Boehm-Demers-Weiser Garbace Collector (libgc) 6.8
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.8
  • Boehm-Demers-Weiser Garbace Collector (libgc) 6.7
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.7
  • Boehm-Demers-Weiser Garbace Collector (libgc) 6.6
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.6
  • Boehm-Demers-Weiser Garbace Collector (libgc) 6.5
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.5
  • Boehm-Demers-Weiser Garbace Collector (libgc) 6.4
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.4
  • Boehm-Demers-Weiser Garbace Collector (libgc) 6.3
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.3
  • Boehm-Demers-Weiser Garbace Collector (libgc) 6.3 alpha 6
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.3:alpha6
  • Boehm-Demers-Weiser Garbace Collector (libgc) 6.3 alpha 5
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.3:alpha5
  • Boehm-Demers-Weiser Garbace Collector (libgc) 6.3 alpha 4
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.3:alpha4
  • Boehm-Demers-Weiser Garbace Collector (libgc) 6.3 alpha 3
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.3:alpha3
  • Boehm-Demers-Weiser Garbace Collector (libgc) 6.3 alpha 2
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.3:alpha2
  • Boehm-Demers-Weiser Garbace Collector (libgc) 6.3 alpha 1
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.3:alpha1
  • Boehm-Demers-Weiser Garbace Collector (libgc) 6.2
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.2
  • Boehm-Demers-Weiser Garbace Collector (libgc) 6.2 alpha 6
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.2:alpha6
  • Boehm-Demers-Weiser Garbace Collector (libgc) 6.2 alpha 5
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.2:alpha5
  • Boehm-Demers-Weiser Garbace Collector (libgc) 6.2 alpha 4
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.2:alpha4
  • Boehm-Demers-Weiser Garbace Collector (libgc) 6.2 alpha 3
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.2:alpha3
  • Boehm-Demers-Weiser Garbace Collector (libgc) 6.2 alpha 2
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.2:alpha2
  • Boehm-Demers-Weiser Garbace Collector (libgc) 6.2 alpha 1
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.2:alpha1
  • Boehm-Demers-Weiser Garbace Collector (libgc) 6.1
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.1
  • Boehm-Demers-Weiser Garbace Collector (libgc) 6.1 alpha 5
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.1:alpha5
  • Boehm-Demers-Weiser Garbace Collector (libgc) 6.1 alpha 4
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.1:alpha4
  • Boehm-Demers-Weiser Garbace Collector (libgc) 6.1 alpha 3
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.1:alpha3
  • Boehm-Demers-Weiser Garbace Collector (libgc) 6.1 alpha 2
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.1:alpha2
  • Boehm-Demers-Weiser Garbace Collector (libgc) 6.1 alpha 1
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.1:alpha1
  • Boehm-Demers-Weiser Garbace Collector (libgc) 6.0
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.0
  • Boehm-Demers-Weiser Garbace Collector (libgc) 6.0 alpha 9
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.0:alpha9
  • Boehm-Demers-Weiser Garbace Collector (libgc) 6.0 alpha 8
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.0:alpha8
  • Boehm-Demers-Weiser Garbace Collector (libgc) 6.0 alpha 7
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.0:alpha7
  • Boehm-Demers-Weiser Garbace Collector (libgc) 6.0 alpha 6
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.0:alpha6
  • Boehm-Demers-Weiser Garbace Collector (libgc) 6.0 alpha 5
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.0:alpha5
  • Boehm-Demers-Weiser Garbace Collector (libgc) 6.0 alpha 4
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.0:alpha4
  • Boehm-Demers-Weiser Garbace Collector (libgc) 6.0 alpha 3
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.0:alpha3
  • Boehm-Demers-Weiser Garbace Collector (libgc) 6.0 alpha 2
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.0:alpha2
  • Boehm-Demers-Weiser Garbace Collector (libgc) 6.0 alpha 1
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.0:alpha1
  • Boehm-Demers-Weiser Garbace Collector (libgc) 5.4
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:5.4
  • Boehm-Demers-Weiser Garbace Collector (libgc) 5.3
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:5.3
  • Boehm-Demers-Weiser Garbace Collector (libgc) 5.2
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:5.2
  • Boehm-Demers-Weiser Garbace Collector (libgc) 5.1
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:5.1
  • Boehm-Demers-Weiser Garbace Collector (libgc) 5.0
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:5.0
  • Boehm-Demers-Weiser Garbace Collector (libgc) 5.0 alpha 7
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:5.0:alpha7
  • Boehm-Demers-Weiser Garbace Collector (libgc) 5.0 alpha 6
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:5.0:alpha6
  • Boehm-Demers-Weiser Garbace Collector (libgc) 5.0 alpha 4
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:5.0:alpha4
  • Boehm-Demers-Weiser Garbace Collector (libgc) 5.0 alpha 3
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:5.0:alpha3
  • Boehm-Demers-Weiser Garbace Collector (libgc) 5.0 alpha 2
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:5.0:alpha2
  • Boehm-Demers-Weiser Garbace Collector (libgc) 5.0 alpha 1
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:5.0:alpha1
  • Boehm-Demers-Weiser Garbace Collector (libgc) 4.14
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.14
  • Boehm-Demers-Weiser Garbace Collector (libgc) 4.14 alpha 2
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.14:alpha2
  • Boehm-Demers-Weiser Garbace Collector (libgc) 4.14 alpha 1
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.14:alpha1
  • Boehm-Demers-Weiser Garbace Collector (libgc) 4.13
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.13
  • Boehm-Demers-Weiser Garbace Collector (libgc) 4.12
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.12
  • Boehm-Demers-Weiser Garbace Collector (libgc) 4.11
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.11
  • Boehm-Demers-Weiser Garbace Collector (libgc) 4.10
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.10
  • Boehm-Demers-Weiser Garbace Collector (libgc) 4.9
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.9
  • Boehm-Demers-Weiser Garbace Collector (libgc) 4.8
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.8
  • Boehm-Demers-Weiser Garbace Collector (libgc) 4.7
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.7
  • Boehm-Demers-Weiser Garbace Collector (libgc) 4.6
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.6
  • Boehm-Demers-Weiser Garbace Collector (libgc) 4.5
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.5
  • Boehm-Demers-Weiser Garbace Collector (libgc) 4.4
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.4
  • Boehm-Demers-Weiser Garbace Collector (libgc) 4.3
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.3
  • Boehm-Demers-Weiser Garbace Collector (libgc) 4.2
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.2
  • Boehm-Demers-Weiser Garbace Collector (libgc) 4.1
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.1
  • Boehm-Demers-Weiser Garbace Collector (libgc) 4.0
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.0
  • Boehm-Demers-Weiser Garbace Collector (libgc) 3.7
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:3.7
  • Boehm-Demers-Weiser Garbace Collector (libgc) 3.6
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:3.6
  • Boehm-Demers-Weiser Garbace Collector (libgc) 3.5
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:3.5
  • Boehm-Demers-Weiser Garbace Collector (libgc) 3.4
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:3.4
  • Boehm-Demers-Weiser Garbace Collector (libgc) 3.3
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:3.3
  • Boehm-Demers-Weiser Garbace Collector (libgc) 3.2
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:3.2
  • Boehm-Demers-Weiser Garbace Collector (libgc) 3.1
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:3.1
  • Boehm-Demers-Weiser Garbace Collector (libgc) 3.0
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:3.0
  • Boehm-Demers-Weiser Garbace Collector (libgc) 2.4
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:2.4
  • Boehm-Demers-Weiser Garbace Collector (libgc) 2.3
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:2.3
  • Boehm-Demers-Weiser Garbace Collector (libgc) 2.2
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:2.2
  • Boehm-Demers-Weiser Garbace Collector (libgc) 2.1
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:2.1
  • Boehm-Demers-Weiser Garbace Collector (libgc) 2.0
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:2.0
  • Boehm-Demers-Weiser Garbace Collector (libgc) 1.9
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:1.9
  • Boehm-Demers-Weiser Garbace Collector (libgc) 1.8
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:1.8
  • Boehm-Demers-Weiser Garbace Collector (libgc) 1.5
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:1.5
  • Boehm-Demers-Weiser Garbace Collector (libgc) 1.4
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:1.4
  • Boehm-Demers-Weiser Garbace Collector (libgc) 1.3
    cpe:2.3:a:boehm-demers-weiser:garbage_collector:1.3
CVSS
Base: 5.0 (as of 03-10-2016 - 15:41)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
nessus via4
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1546-1.NASL
    description It was discovered that multiple integer overflows existed in the malloc and calloc implementations in the Boehm-Demers-Weiser garbage collecting memory allocator (libgc). These could allow an attacker to cause a denial of service or possibly execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 61706
    published 2012-08-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=61706
    title Ubuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : libgc vulnerability (USN-1546-1)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2014-0150.NASL
    description Updated gc packages that fix one security issue are now available for Red Hat Satellite Proxy 5.6. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Red Hat Satellite Proxy provides a package-caching mechanism that reduces the bandwidth requirements for Red Hat Satellite and enables custom package deployment. Red Hat Satellite Proxy customers are able to cache RPM packages, such as are provided by Errata Updates from Red Hat, or custom RPM packages generated by their organization, on an internal, centrally-located server. gc is a Boehm-Demers-Weiser conservative garbage collector for C and C++. It was discovered that gc's implementation of the malloc() and calloc() routines did not properly perform parameter sanitization when allocating memory. If an application using gc did not implement application-level validity checks for the malloc() and calloc() routines, a remote attacker could provide specially crafted application-specific input, which, when processed by the application, could lead to an application crash or, potentially, arbitrary code execution with the privileges of the user running the application. (CVE-2012-2673) Users of Red Hat Network Proxy 5.6 are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For this update to take effect, Red Hat Network Proxy must be restarted. Refer to the Solution section for details.
    last seen 2019-02-21
    modified 2018-12-13
    plugin id 78997
    published 2014-11-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=78997
    title RHEL 5 : gc in Satellite Server (RHSA-2014:0150)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20131104_GC_ON_SL6_X.NASL
    description It was discovered that gc's implementation of the malloc() and calloc() routines did not properly perform parameter sanitization when allocating memory. If an application using gc did not implement application-level validity checks for the malloc() and calloc() routines, a remote attacker could provide specially crafted application-specific input, which, when processed by the application, could lead to an application crash or, potentially, arbitrary code execution with the privileges of the user running the application. (CVE-2012-2673) Applications using gc must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 70756
    published 2013-11-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70756
    title Scientific Linux Security Update : gc on SL6.x i386/x86_64
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2012-9637.NASL
    description Backport upstream fixes for memory allocation related overflows. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-20
    plugin id 59742
    published 2012-06-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59742
    title Fedora 16 : gc-7.2b-2.fc16 (2012-9637)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-1500.NASL
    description Updated gc packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. gc is a Boehm-Demers-Weiser conservative garbage collector for C and C++. It was discovered that gc's implementation of the malloc() and calloc() routines did not properly perform parameter sanitization when allocating memory. If an application using gc did not implement application-level validity checks for the malloc() and calloc() routines, a remote attacker could provide specially crafted application-specific input, which, when processed by the application, could lead to an application crash or, potentially, arbitrary code execution with the privileges of the user running the application. (CVE-2012-2673) Users of gc are advised to upgrade to these updated packages, which contain backported patches to correct this issue. Applications using gc must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 70755
    published 2013-11-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70755
    title RHEL 6 : gc (RHSA-2013:1500)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2014-0149.NASL
    description Updated gc packages that fix one security issue are now available for Red Hat Satellite 5.6. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Red Hat Satellite is a systems management tool for Linux-based infrastructures. It allows for provisioning, remote management and monitoring of multiple Linux deployments with a single, centralized tool. gc is a Boehm-Demers-Weiser conservative garbage collector for C and C++. It was discovered that gc's implementation of the malloc() and calloc() routines did not properly perform parameter sanitization when allocating memory. If an application using gc did not implement application-level validity checks for the malloc() and calloc() routines, a remote attacker could provide specially crafted application-specific input, which, when processed by the application, could lead to an application crash or, potentially, arbitrary code execution with the privileges of the user running the application. (CVE-2012-2673) Users of Red Hat Satellite 5.6 are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For this update to take effect, Red Hat Satellite must be restarted. Refer to the Solution section for details.
    last seen 2019-02-21
    modified 2018-12-13
    plugin id 78996
    published 2014-11-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=78996
    title RHEL 5 : spacewalk in Satellite Server (RHSA-2014:0149)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2012-9556.NASL
    description Backport upstream fixes for memory allocation related overflows Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-20
    plugin id 59739
    published 2012-06-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59739
    title Fedora 17 : gc-7.2b-2.fc17 (2012-9556)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2013-1500.NASL
    description Updated gc packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. gc is a Boehm-Demers-Weiser conservative garbage collector for C and C++. It was discovered that gc's implementation of the malloc() and calloc() routines did not properly perform parameter sanitization when allocating memory. If an application using gc did not implement application-level validity checks for the malloc() and calloc() routines, a remote attacker could provide specially crafted application-specific input, which, when processed by the application, could lead to an application crash or, potentially, arbitrary code execution with the privileges of the user running the application. (CVE-2012-2673) Users of gc are advised to upgrade to these updated packages, which contain backported patches to correct this issue. Applications using gc must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 70747
    published 2013-11-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70747
    title CentOS 6 : gc (CESA-2013:1500)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2013-1500.NASL
    description From Red Hat Security Advisory 2013:1500 : Updated gc packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. gc is a Boehm-Demers-Weiser conservative garbage collector for C and C++. It was discovered that gc's implementation of the malloc() and calloc() routines did not properly perform parameter sanitization when allocating memory. If an application using gc did not implement application-level validity checks for the malloc() and calloc() routines, a remote attacker could provide specially crafted application-specific input, which, when processed by the application, could lead to an application crash or, potentially, arbitrary code execution with the privileges of the user running the application. (CVE-2012-2673) Users of gc are advised to upgrade to these updated packages, which contain backported patches to correct this issue. Applications using gc must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-08-13
    plugin id 70754
    published 2013-11-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70754
    title Oracle Linux 6 : gc (ELSA-2013-1500)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2012-158.NASL
    description A security issue was identified and fixed in gc : Multiple integer overflows in the (1) GC_generic_malloc and (2) calloc funtions in malloc.c, and the (3) GC_generic_malloc_ignore_off_page function in mallocx.c in Boehm-Demers-Weiser GC (libgc) before 7.2 make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, which causes less memory to be allocated than expected (CVE-2012-2673). The updated packages have been patched to correct this issue.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 62424
    published 2012-10-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62424
    title Mandriva Linux Security Advisory : gc (MDVSA-2012:158)
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2013-245.NASL
    description It was discovered that gc's implementation of the malloc() and calloc() routines did not properly perform parameter sanitization when allocating memory. If an application using gc did not implement application-level validity checks for the malloc() and calloc() routines, a remote attacker could provide specially crafted application-specific input, which, when processed by the application, could lead to an application crash or, potentially, arbitrary code execution with the privileges of the user running the application. (CVE-2012-2673)
    last seen 2019-02-21
    modified 2018-04-18
    plugin id 70907
    published 2013-11-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70907
    title Amazon Linux AMI : gc (ALAS-2013-245)
redhat via4
advisories
  • bugzilla
    id 828878
    title CVE-2012-2673 gc: malloc() and calloc() overflows
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhsa:tst:20100842001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhsa:tst:20100842002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhsa:tst:20100842003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhsa:tst:20100842004
    • OR
      • AND
        • comment gc is earlier than 0:7.1-12.el6_4
          oval oval:com.redhat.rhsa:tst:20131500005
        • comment gc is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20131500006
      • AND
        • comment gc-devel is earlier than 0:7.1-12.el6_4
          oval oval:com.redhat.rhsa:tst:20131500007
        • comment gc-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20131500008
    rhsa
    id RHSA-2013:1500
    released 2013-11-04
    severity Moderate
    title RHSA-2013:1500: gc security update (Moderate)
  • rhsa
    id RHSA-2014:0149
  • rhsa
    id RHSA-2014:0150
rpms
  • gc-0:7.1-12.el6_4
  • gc-devel-0:7.1-12.el6_4
refmap via4
bid 54227
confirm
fedora
  • FEDORA-2012-9556
  • FEDORA-2012-9637
mandriva MDVSA-2012:158
misc http://kqueue.org/blog/2012/03/05/memory-allocator-security-revisited/
mlist
  • [oss-security] 20120605 memory allocator upstream patches
  • [oss-security] 20120607 Re: memory allocator upstream patches
ubuntu USN-1546-1
Last major update 28-09-2016 - 21:59
Published 25-07-2012 - 15:55
Back to Top