You are here

CVE-2012-3509

Vincent (CVE) Danen's picture
Multiple integer overflows in the (1) _objalloc_alloc function in objalloc.c and (2) objalloc_alloc macro in include/objalloc.h in GNU libiberty, as used by binutils 2.22, allow remote attackers to cause a denial of service (crash) via vectors related to the "addition of CHUNK_HEADER_SIZE to the length," which triggers a heap-based buffer overflow.

Details Source

Mitre

Statement

The versions of the gdb package, as shipped with Red Hat Enterprise Linux 5 and 6 are vulnerable to the original libiberty integer overflow flaw. But due the way of subsequent processing of the previously insufficiently pre-allocated libiberty buffer within gdb code, the impact of this issue is limited to crash only. Red Hat Security Response Team does not consider crash of end-user application, such as gdb, to be a security flaw.

Public Date

2012-08-29 00:00:00

Impact

Moderate

Bugzilla

CVE-2012-3509 libiberty: integer overflow, leading to heap-buffer overflow by processing certain file headers via bfd binary

Bugzilla ID

849 693

CVSS Status

draft

Base Score

6.80

Base Metrics

AV:N/AC:M/Au:N/C:P/I:P/A:P

CWE

CWE-190->CWE-122

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 6 mingw32-binutils Under investigation
Red Hat Enterprise Linux 6 gcc Not affected
Red Hat Enterprise Linux 6 mingw32-gcc Not affected
Red Hat Enterprise Linux 6 compat-gcc-296 Not affected
Red Hat Enterprise Linux 6 compat-gcc-295 Not affected
Red Hat Enterprise Linux 6 crash Under investigation
Red Hat Enterprise Linux 6 gdb Not affected
Red Hat Enterprise Linux 6 compat-gcc-32 Not affected
Red Hat Enterprise Linux 6 compat-gcc-34 Not affected
Red Hat Enterprise Linux 6 binutils Under investigation
Red Hat Enterprise Linux 5 compat-gcc-34 Not affected
Red Hat Enterprise Linux 5 binutils Under investigation
Red Hat Enterprise Linux 5 compat-gcc-32 Not affected
Red Hat Enterprise Linux 5 gcc44 Not affected
Red Hat Enterprise Linux 5 crash Under investigation
Red Hat Enterprise Linux 5 compat-gcc-296 Not affected
Red Hat Enterprise Linux 5 compat-gcc-295 Not affected
Red Hat Enterprise Linux 5 gcc Not affected
Red Hat Enterprise Linux 5 binutils220 Under investigation
Red Hat Enterprise Linux 5 gdb Not affected