CVE-2012-3509
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Multiple integer overflows in the (1) _objalloc_alloc function in objalloc.c and (2) objalloc_alloc macro in include/objalloc.h in GNU libiberty, as used by binutils 2.22, allow remote attackers to cause a denial of service (crash) via vectors related to the "addition of CHUNK_HEADER_SIZE to the length," which triggers a heap-based buffer overflow.
Varias vulnerabilidades de desbordamiento de enteros en la función _objalloc_alloc (1) en objalloc.c y (2) macro objalloc_alloc en include/objalloc.h en GNU libiberty, utilizada por binutils v2.22, permite a atacantes remotos provocar una denegación de servicio (caída) a través de vectores relacionada con la "adición de CHUNK_HEADER_SIZE a la longitud", lo que provoca un desbordamiento de búfer basado en heap
CVSS Scores
SSVC
- Decision:-
Timeline
- 2012-06-14 CVE Reserved
- 2012-09-05 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-189: Numeric Errors
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| http://gcc.gnu.org/bugzilla/show_bug.cgi?id=54411 | Issue Tracking | |
| http://security-tracker.debian.org/tracker/CVE-2012-3509 | Issue Tracking | |
| http://www.openwall.com/lists/oss-security/2012/08/29/3 | Mailing List |
|
| http://www.securityfocus.com/bid/55281 | Third Party Advisory | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/78135 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://gcc.gnu.org/ml/gcc-patches/2012-08/msg01986.html | 2017-08-29 |
| URL | Date | SRC |
|---|---|---|
| http://www.mandriva.com/security/advisories?name=MDVSA-2015:029 | 2017-08-29 | |
| http://www.ubuntu.com/usn/USN-2496-1 | 2017-08-29 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Gnu Search vendor "Gnu" | Binutils Search vendor "Gnu" for product "Binutils" | 2.22 Search vendor "Gnu" for product "Binutils" and version "2.22" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Libiberty Search vendor "Gnu" for product "Libiberty" | - | - |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 10.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "10.04" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 12.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "12.04" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 14.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 14.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "14.10" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 7.0 Search vendor "Debian" for product "Debian Linux" and version "7.0" | - |
Affected
| ||||||