Description
Integer overflow in the new[] operator in gcc before 4.8.0 allows attackers to have unspecified impacts.
Packages
Package | Status | Fixed version | Release | Type |
---|---|---|---|---|
gcc-4.1 | removed | | | package |
gcc-4.1 | no-dsa | | squeeze | package |
gcc-4.3 | removed | | | package |
gcc-4.3 | no-dsa | | squeeze | package |
gcc-4.4 | unfixed | | | package |
gcc-4.4 | no-dsa | | squeeze | package |
gcc-4.4 | no-dsa | | wheezy | package |
gcc-4.6 | unfixed | | | package |
gcc-4.6 | no-dsa | | wheezy | package |
gcc-4.7 | removed | | | package |
gcc-4.7 | no-dsa | | wheezy | package |
gcc-4.8 | fixed | 4.8.0-1 | | package |
Notes
Are there apps known to be exploitable through this?
Any application using unguarded memory allocation would be susceptible to DoS anyway?
This should be addressed in jessie by getting this fixed in gcc 4.7, so that the archive is
properly rebuilt with a fixed version from the start.
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2002-2439
Related vulnerabilities
operator new[] sometimes returns pointers to heap blocks which are too small. When a new array is allocated, the C++ run-time has to calculate its size. The product may exceed the maximum value which can be stored in a machine register. This error is ignored, and the truncated value is used for the heap allocation. This may lead to heap overflows and therefore security bugs. (See http://cert.uni-stuttgart.de/advisories/calloc.php for further references.)
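The size calculation described above, as an added C++ example (not code from gcc or from the advisory): it shows the element-count product wrapping to a small byte count and a guard that rejects the request before allocating. `Record`, `alloc_array` and the other helper names are hypothetical, and the guard assumes a trivially destructible element type so that no array cookie is added to the size.

```cpp
#include <cstddef>
#include <cstdint>
#include <limits>
#include <new>
#include <type_traits>

// Byte count computed without an overflow check: size_t arithmetic wraps,
// which is the truncated value the description refers to.
std::size_t unchecked_array_bytes(std::size_t count, std::size_t elem_size) {
    return count * elem_size;
}

// Checked computation: returns false when count * elem_size does not fit in size_t.
bool checked_array_bytes(std::size_t count, std::size_t elem_size, std::size_t *out) {
    if (elem_size != 0 && count > std::numeric_limits<std::size_t>::max() / elem_size)
        return false;
    *out = count * elem_size;
    return true;
}

struct Record { char data[16]; };  // hypothetical 16-byte element type

// Hypothetical guard for code built with a compiler that lacks the check:
// refuse the request instead of letting new[] allocate a wrapped size.
template <typename T>
T *alloc_array(std::size_t count) {
    static_assert(std::is_trivially_destructible<T>::value,
                  "guard assumes no array cookie is added to the size");
    std::size_t bytes;
    if (!checked_array_bytes(count, sizeof(T), &bytes))
        throw std::bad_alloc();
    return new T[count]();
}

// Returns true if alloc_array<Record> rejects `count` by throwing.
bool rejects(std::size_t count) {
    try {
        delete[] alloc_array<Record>(count);
        return false;
    } catch (const std::bad_alloc &) {
        return true;
    }
}
```

With the constructed count `SIZE_MAX / sizeof(Record) + 2`, the unchecked product is 16 bytes, room for a single `Record`, while the caller would go on to index far more elements than that.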