ELSA-2012-0393

Опубликовано: 15 мар. 2012

Источник: oracle-oval

Платформа: Oracle Linux 6

Описание

ELSA-2012-0393: glibc security and bug fix update (MODERATE)

[2.12-1.47.el6_2.9]

Always use another area after a failed allocation in the main arena (#795328)
- Remove sse3 memcpy (#695812) changes (#799259)

[2.12-1.47.el6_2.8]

Avoid nargs integer overflow which could be used to bypass FORTIFY_SOURCE (#794815)

[2.12-1.47.el6_2.7]

Fix locking on malloc family retry paths (#795328)

[2.12-1.47.el6_2.6]

Fix cycle detection in dynamic loader (#783999)

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

glibc

2.12-1.47.el6_2.9

glibc-common

2.12-1.47.el6_2.9

glibc-devel

2.12-1.47.el6_2.9

glibc-headers

2.12-1.47.el6_2.9

glibc-static

2.12-1.47.el6_2.9

glibc-utils

2.12-1.47.el6_2.9

nscd

2.12-1.47.el6_2.9

Oracle Linux i686

glibc

2.12-1.47.el6_2.9

glibc-common

2.12-1.47.el6_2.9

glibc-devel

2.12-1.47.el6_2.9

glibc-headers

2.12-1.47.el6_2.9

glibc-static

2.12-1.47.el6_2.9

glibc-utils

2.12-1.47.el6_2.9

nscd

2.12-1.47.el6_2.9

Связанные CVE

CVE-2012-0864

Ссылки на источники

Связанные уязвимости

CVE-2012-0864

ubuntu

больше 12 лет назад

Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFY_SOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments.

CVE-2012-0864

redhat

почти 15 лет назад

CVE-2012-0864

nvd

больше 12 лет назад

CVE-2012-0864

debian

больше 12 лет назад

Integer overflow in the vfprintf function in stdio-common/vfprintf.c i ...

GHSA-x2p4-f3vf-gwp3

github

больше 3 лет назад