Bugzilla – Bug 801246
VUL-0: CVE-2013-0242: glibc: DoS due to a buffer overrun in regexp matcher by processing multibyte characters
Last modified: 2014-09-18 05:21:25 UTC
Via oss-sec: Date: Wed, 30 Jan 2013 06:40:30 -0500 (EST) From: Jan Lieskovsky To: oss-security Hello Kurt, Steve, vendors, a security flaw was found in the regular expression matching routine of glibc, the GNU libc libraries, processed multibyte characters input. If an application utilized the glibc's regular expression matching mechanism, an attacker could provide a specially-crafted input that, when processed would lead to that executable crash. Upstream bug report: [1] http://sourceware.org/bugzilla/show_bug.cgi?id=15078 Relevant patch: [2] http://sourceware.org/ml/libc-alpha/2013-01/msg00967.html More background: * (from Paolo): Jan 30 11:34:19 <bonzini> iankko: it is a memset(foo, 0, ...) that overruns the buffer, so it's not controllable by the attacker * but the denial of service scenario / attack vector is valid (consider network facing application using glibc's regexp matching on untrusted input) Could you allocate a CVE id for this? Thank you && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat Security Response Team
bugbot adjusting priority
CVE-2013-0242
Andreas, do you know what glibc versions are affected?
All versions are affected.
This is an autogenerated message for OBS integration: This bug (801246) was mentioned in https://build.opensuse.org/request/show/175893 Factory / glibc
The SWAMPID for this issue is 54298. This issue was rated as low. Please submit fixed packages until 2013-09-26. Also create a patchinfo file using this link: https://swamp.suse.de/webswamp/wf/54298
openSUSE-SU-2013:1510-1: An update that solves 6 vulnerabilities and has 5 fixes is now available. Category: security (moderate) Bug References: 779320,801246,805054,813121,813306,819383,819524,824046,830257,834594,839870 CVE References: CVE-2012-4412,CVE-2013-0242,CVE-2013-1914,CVE-2013-2207,CVE-2013-4237,CVE-2013-4332 Sources used: openSUSE 12.3 (src): glibc-2.17-4.7.1, glibc-testsuite-2.17-4.7.2, glibc-testsuite-2.17-4.7.3, glibc-utils-2.17-4.7.1
Update released for: glibc, glibc-32bit, glibc-debuginfo, glibc-debuginfo-32bit, glibc-debuginfo-64bit, glibc-debuginfo-x86, glibc-debugsource, glibc-devel, glibc-devel-32bit, glibc-html, glibc-i18ndata, glibc-info, glibc-locale, glibc-locale-32bit, glibc-locale-x86, glibc-obsolete, glibc-profile, glibc-profile-32bit, glibc-profile-x86, glibc-x86, nscd Products: SLE-DEBUGINFO 11-SP2 (i386, ia64, ppc64, s390x, x86_64) SLE-DESKTOP 11-SP2 (i386, x86_64) SLE-SDK 11-SP2 (i386, x86_64) SLE-SERVER 11-SP2 (i386, ia64, ppc64, s390x, x86_64) SLES4VMWARE 11-SP2 (i386, x86_64)
Update released for: glibc, glibc-32bit, glibc-debuginfo, glibc-debuginfo-32bit, glibc-debuginfo-64bit, glibc-debuginfo-x86, glibc-debugsource, glibc-devel, glibc-devel-32bit, glibc-html, glibc-i18ndata, glibc-info, glibc-locale, glibc-locale-32bit, glibc-locale-x86, glibc-obsolete, glibc-profile, glibc-profile-32bit, glibc-profile-x86, glibc-x86, nscd Products: SLE-DEBUGINFO 11-SP3 (i386, ia64, ppc64, s390x, x86_64) SLE-DESKTOP 11-SP3 (i386, x86_64) SLE-SDK 11-SP3 (i386, x86_64) SLE-SERVER 11-SP3 (i386, ia64, ppc64, s390x, x86_64) SLES4VMWARE 11-SP3 (i386, x86_64)
The SWAMPID for this issue is 55384. This issue was rated as moderate. Please submit fixed packages until 2013-12-24. When done, please reassign the bug to security-team@suse.de. Patchinfo will be handled by security team.
Update released for: glibc, glibc-devel, glibc-html, glibc-i18ndata, glibc-info, glibc-locale, glibc-profile, nscd, timezone Products: SUSE-CORE 9-SP3-TERADATA (x86_64)
Update released for: glibc, glibc-32bit, glibc-dceext, glibc-dceext-32bit, glibc-dceext-devel, glibc-debuginfo, glibc-devel, glibc-devel-32bit, glibc-html, glibc-i18ndata, glibc-info, glibc-locale, glibc-locale-32bit, glibc-obsolete, glibc-profile, glibc-profile-32bit, nscd Products: SLE-SERVER 10-SP3-TERADATA (x86_64)
Update released for: glibc, glibc-32bit, glibc-debuginfo, glibc-debugsource, glibc-devel, glibc-devel-32bit, glibc-html, glibc-i18ndata, glibc-info, glibc-locale, glibc-locale-32bit, glibc-obsolete, glibc-profile, glibc-profile-32bit, nscd Products: SLE-SERVER 11-SP1-TERADATA (x86_64)
all released
SUSE-SU-2014:1122-1: An update that solves 7 vulnerabilities and has 6 fixes is now available. Category: security (important) Bug References: 750741,779320,801246,830268,834594,836746,839870,843735,864081,882600,883022,886416,892073 CVE References: CVE-2012-4412,CVE-2013-0242,CVE-2013-4237,CVE-2013-4332,CVE-2013-4788,CVE-2014-4043,CVE-2014-5119 Sources used: SUSE Linux Enterprise Server 11 SP1 LTSS (src): glibc-2.11.1-0.58.1
SUSE-SU-2014:1128-1: An update that solves 6 vulnerabilities and has 5 fixes is now available. Category: security (important) Bug References: 779320,801246,824639,834594,839870,842291,860501,882600,892073,894553,894556 CVE References: CVE-2012-4412,CVE-2013-0242,CVE-2013-4237,CVE-2013-4332,CVE-2014-4043,CVE-2014-5119 Sources used: SUSE Linux Enterprise Server 10 SP3 LTSS (src): glibc-2.4-31.77.112.1