http://www.openwall.com/lists/oss-security/2013/09/11/2 "Date: Wed, 11 Sep 2013 12:49:04 +0100 From: Will Newton <will.newton@...aro.org> To: oss-security@...ts.openwall.com Subject: CVE Request: Three integer overflows in glibc memory allocator Hi, I recently discovered three integer overflow issues in the glibc memory allocator functions pvalloc, valloc and posix_memalign/memalign/aligned_alloc. These issues cause a large allocation size to wrap around and cause a wrong sized allocation and heap corruption. The issues are fixed in glibc mainline. The relevant glibc bugzilla entries are here: https://sourceware.org/bugzilla/show_bug.cgi?id=15855 https://sourceware.org/bugzilla/show_bug.cgi?id=15856 https://sourceware.org/bugzilla/show_bug.cgi?id=15857 Thanks, -- Will Newton Toolchain Working Group, Linaro" CVE assignment: http://www.openwall.com/lists/oss-security/2013/09/11/7 Patch from: http://www.openwall.com/lists/oss-security/2013/09/12/6 Reproducible: Steps to Reproduce:
Created attachment 4350 [details] patch from http://www.openwall.com/lists/oss-security/2013/09/12/6
Depends on: (none) => 11059Summary: CVE-2013-4332: glibc - integer overflow in pvalloc, valloc, and memalign => glibc - integer overflow in pvalloc, valloc, and memalign (CVE-2013-4332)
This fix is tracked/fixed in: https://bugs.mageia.org/show_bug.cgi?id=11059 *** This bug has been marked as a duplicate of bug 11059 ***
Status: NEW => RESOLVEDCC: (none) => tmbResolution: (none) => DUPLICATE