CVE-2013-4332

2013-10-10 00:55:02 2017-07-01 03:29:04

Multiple integer overflows in malloc/malloc.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allow context-dependent attackers to cause a denial of service (heap corruption) via a large value to the (1) pvalloc, (2) valloc, (3) posix_memalign, (4) memalign, or (5) aligned_alloc functions.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

NONE

Integrity

NONE

Availability

PARTIAL

Red Hat Enterprise Linux 5

Gnu - Glibc Redhat - Enterprise linux

Advisory	Patch	Confirmed	Link
			GLSA-201503-04
			https://sourceware.org/bugzilla/show_bug.cgi?id=15855
			USN-1991-1
			https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-433...
			62324
			MDVSA-2013:284
			[oss-security] 20130912 Re: CVE Request: Three integer o...
			MDVSA-2013:283
			RHSA-2013:1605
			https://sourceware.org/bugzilla/show_bug.cgi?id=15856
			RHSA-2013:1411
			https://sourceware.org/bugzilla/show_bug.cgi?id=15857

CVE-2013-4332

2013-10-10 00:55:02 2017-07-01 03:29:04

Vector

Complexity

Authentication

Confidentiality

Integrity

Availability

Numeric Errors (ID 189)