CVE-2012-3509
published 2012-09-05CVE-2012-3509: Multiple integer overflows in the (1) _objalloc_alloc function in objalloc.c and (2) objalloc_alloc macro in include/objalloc.h in GNU libiberty, as used by…
medium5CVSS 3.1
AVNACLAuNCNINAP
Multiple integer overflows in the (1) _objalloc_alloc function in objalloc.c and (2) objalloc_alloc macro in include/objalloc.h in GNU libiberty, as used by binutils 2.22, allow remote attackers to cause a denial of service (crash) via vectors related to the "addition of CHUNK_HEADER_SIZE to the length," which triggers a heap-based buffer overflow.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | binutils | < binutils 2.22-8 (bookworm) | binutils 2.22-8 (bookworm) |
| debian | debian_linux | — | — |
| gnu | binutils | >= 0 < 2.22-8 | 2.22-8 |
| gnu | binutils | >= 0 < 2.22-8 | 2.22-8 |
| gnu | binutils | >= 0 < 2.22-8 | 2.22-8 |
| gnu | binutils | >= 0 < 2.22-8 | 2.22-8 |
| gnu | binutils | >= 0 < 2.24-5ubuntu3.1 | 2.24-5ubuntu3.1 |
| gnu | binutils | >= 2.22 < 2.24 | 2.24 |
CVSS provenance
nvd5.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv7.5HIGH