ID CVE-2012-2677
Summary Integer overflow in the ordered_malloc function in boost/pool/pool.hpp in Boost Pool before 3.9 makes it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large memory chunk size value, which causes less memory to be allocated than expected.
References
Vulnerable Configurations
  • cpe:2.3:a:boost:pool:*:*:*:*:*:*:*:*
    cpe:2.3:a:boost:pool:*:*:*:*:*:*:*:*
  • cpe:2.3:a:boost:pool:2.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:boost:pool:2.0.0:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 05-12-2013 - 05:14)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
redhat via4
advisories
bugzilla
id 828856
title CVE-2012-2677 boost: ordered_malloc() overflow
oval
OR
  • AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhba:tst:20070331001
    • OR
      • AND
        • comment boost is earlier than 0:1.33.1-16.el5_9
          oval oval:com.redhat.rhsa:tst:20130668002
        • comment boost is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20120305003
      • AND
        • comment boost-devel is earlier than 0:1.33.1-16.el5_9
          oval oval:com.redhat.rhsa:tst:20130668006
        • comment boost-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20120305007
      • AND
        • comment boost-doc is earlier than 0:1.33.1-16.el5_9
          oval oval:com.redhat.rhsa:tst:20130668004
        • comment boost-doc is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20120305005
  • AND
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhba:tst:20111656001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhba:tst:20111656002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20111656004
    • OR
      • AND
        • comment boost is earlier than 0:1.41.0-15.el6_4
          oval oval:com.redhat.rhsa:tst:20130668012
        • comment boost is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130668013
      • AND
        • comment boost-date-time is earlier than 0:1.41.0-15.el6_4
          oval oval:com.redhat.rhsa:tst:20130668024
        • comment boost-date-time is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130668025
      • AND
        • comment boost-devel is earlier than 0:1.41.0-15.el6_4
          oval oval:com.redhat.rhsa:tst:20130668016
        • comment boost-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130668017
      • AND
        • comment boost-doc is earlier than 0:1.41.0-15.el6_4
          oval oval:com.redhat.rhsa:tst:20130668038
        • comment boost-doc is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130668039
      • AND
        • comment boost-filesystem is earlier than 0:1.41.0-15.el6_4
          oval oval:com.redhat.rhsa:tst:20130668044
        • comment boost-filesystem is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130668045
      • AND
        • comment boost-graph is earlier than 0:1.41.0-15.el6_4
          oval oval:com.redhat.rhsa:tst:20130668036
        • comment boost-graph is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130668037
      • AND
        • comment boost-graph-mpich2 is earlier than 0:1.41.0-15.el6_4
          oval oval:com.redhat.rhsa:tst:20130668058
        • comment boost-graph-mpich2 is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130668059
      • AND
        • comment boost-graph-openmpi is earlier than 0:1.41.0-15.el6_4
          oval oval:com.redhat.rhsa:tst:20130668034
        • comment boost-graph-openmpi is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130668035
      • AND
        • comment boost-iostreams is earlier than 0:1.41.0-15.el6_4
          oval oval:com.redhat.rhsa:tst:20130668050
        • comment boost-iostreams is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130668051
      • AND
        • comment boost-math is earlier than 0:1.41.0-15.el6_4
          oval oval:com.redhat.rhsa:tst:20130668014
        • comment boost-math is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130668015
      • AND
        • comment boost-mpich2 is earlier than 0:1.41.0-15.el6_4
          oval oval:com.redhat.rhsa:tst:20130668060
        • comment boost-mpich2 is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130668061
      • AND
        • comment boost-mpich2-devel is earlier than 0:1.41.0-15.el6_4
          oval oval:com.redhat.rhsa:tst:20130668056
        • comment boost-mpich2-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130668057
      • AND
        • comment boost-mpich2-python is earlier than 0:1.41.0-15.el6_4
          oval oval:com.redhat.rhsa:tst:20130668062
        • comment boost-mpich2-python is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130668063
      • AND
        • comment boost-openmpi is earlier than 0:1.41.0-15.el6_4
          oval oval:com.redhat.rhsa:tst:20130668052
        • comment boost-openmpi is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130668053
      • AND
        • comment boost-openmpi-devel is earlier than 0:1.41.0-15.el6_4
          oval oval:com.redhat.rhsa:tst:20130668026
        • comment boost-openmpi-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130668027
      • AND
        • comment boost-openmpi-python is earlier than 0:1.41.0-15.el6_4
          oval oval:com.redhat.rhsa:tst:20130668048
        • comment boost-openmpi-python is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130668049
      • AND
        • comment boost-program-options is earlier than 0:1.41.0-15.el6_4
          oval oval:com.redhat.rhsa:tst:20130668028
        • comment boost-program-options is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130668029
      • AND
        • comment boost-python is earlier than 0:1.41.0-15.el6_4
          oval oval:com.redhat.rhsa:tst:20130668042
        • comment boost-python is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130668043
      • AND
        • comment boost-regex is earlier than 0:1.41.0-15.el6_4
          oval oval:com.redhat.rhsa:tst:20130668030
        • comment boost-regex is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130668031
      • AND
        • comment boost-serialization is earlier than 0:1.41.0-15.el6_4
          oval oval:com.redhat.rhsa:tst:20130668022
        • comment boost-serialization is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130668023
      • AND
        • comment boost-signals is earlier than 0:1.41.0-15.el6_4
          oval oval:com.redhat.rhsa:tst:20130668032
        • comment boost-signals is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130668033
      • AND
        • comment boost-static is earlier than 0:1.41.0-15.el6_4
          oval oval:com.redhat.rhsa:tst:20130668040
        • comment boost-static is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130668041
      • AND
        • comment boost-system is earlier than 0:1.41.0-15.el6_4
          oval oval:com.redhat.rhsa:tst:20130668018
        • comment boost-system is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130668019
      • AND
        • comment boost-test is earlier than 0:1.41.0-15.el6_4
          oval oval:com.redhat.rhsa:tst:20130668046
        • comment boost-test is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130668047
      • AND
        • comment boost-thread is earlier than 0:1.41.0-15.el6_4
          oval oval:com.redhat.rhsa:tst:20130668020
        • comment boost-thread is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130668021
      • AND
        • comment boost-wave is earlier than 0:1.41.0-15.el6_4
          oval oval:com.redhat.rhsa:tst:20130668054
        • comment boost-wave is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130668055
rhsa
id RHSA-2013:0668
released 2013-03-21
severity Moderate
title RHSA-2013:0668: boost security update (Moderate)
rpms
  • boost-0:1.33.1-16.el5_9
  • boost-devel-0:1.33.1-16.el5_9
  • boost-doc-0:1.33.1-16.el5_9
  • boost-0:1.41.0-15.el6_4
  • boost-date-time-0:1.41.0-15.el6_4
  • boost-devel-0:1.41.0-15.el6_4
  • boost-doc-0:1.41.0-15.el6_4
  • boost-filesystem-0:1.41.0-15.el6_4
  • boost-graph-0:1.41.0-15.el6_4
  • boost-graph-mpich2-0:1.41.0-15.el6_4
  • boost-graph-openmpi-0:1.41.0-15.el6_4
  • boost-iostreams-0:1.41.0-15.el6_4
  • boost-math-0:1.41.0-15.el6_4
  • boost-mpich2-0:1.41.0-15.el6_4
  • boost-mpich2-devel-0:1.41.0-15.el6_4
  • boost-mpich2-python-0:1.41.0-15.el6_4
  • boost-openmpi-0:1.41.0-15.el6_4
  • boost-openmpi-devel-0:1.41.0-15.el6_4
  • boost-openmpi-python-0:1.41.0-15.el6_4
  • boost-program-options-0:1.41.0-15.el6_4
  • boost-python-0:1.41.0-15.el6_4
  • boost-regex-0:1.41.0-15.el6_4
  • boost-serialization-0:1.41.0-15.el6_4
  • boost-signals-0:1.41.0-15.el6_4
  • boost-static-0:1.41.0-15.el6_4
  • boost-system-0:1.41.0-15.el6_4
  • boost-test-0:1.41.0-15.el6_4
  • boost-thread-0:1.41.0-15.el6_4
  • boost-wave-0:1.41.0-15.el6_4
refmap via4
confirm
fedora
  • FEDORA-2012-9029
  • FEDORA-2012-9818
mandriva MDVSA-2013:065
misc http://kqueue.org/blog/2012/03/05/memory-allocator-security-revisited/
mlist
  • [oss-security] 20120605 memory allocator upstream patches
  • [oss-security] 20120607 Re: memory allocator upstream patches
Last major update 05-12-2013 - 05:14
Published 25-07-2012 - 19:55
Back to Top