You are here

CVE-2012-3405

Vincent (CVE) Danen's picture
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (segmentation fault and crash) via a format string with a large number of format specifiers that triggers "desynchronization within the buffer size handling," a different vulnerability than CVE-2012-3404.

Details Source

Mitre

Statement

This issue did not affect the version of glibc as shipped with Red Hat Enterprise Linux 5.

Public Date

2012-07-11 00:00:00

Impact

Moderate

Bugzilla

CVE-2012-3405 glibc: incorrect use of extend_alloca() in formatted printing can lead to FORTIFY_SOURCE format string protection bypass

Bugzilla ID

833 704

CVSS Status

verified

Base Score

6.80

Base Metrics

AV:N/AC:M/Au:N/C:P/I:P/A:P

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 6 (glibc) RHSA-2012:1098 2012-07-18
RHEV Hypervisor for RHEL-6 (rhev-hypervisor6) RHSA-2012:1200 2012-08-23

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 5 glibc Not affected