Bug 839870 (CVE-2013-4332) - VUL-0: CVE-2013-4332: glibc: three integer overflows in memory allocator
Summary: VUL-0: CVE-2013-4332: glibc: three integer overflows in memory allocator
Status: RESOLVED FIXED
Alias: CVE-2013-4332
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Deadline: 2013-12-24
Assignee: Andreas Schwab
QA Contact: Security Team bot
URL:
Whiteboard: maint:released:sle11-sp2:54433 maint:...
Keywords:
Depends on:
Blocks:
 
Reported: 2013-09-12 08:51 UTC by Alexander Bergmann
Modified: 2014-09-18 05:21 UTC (History)
2 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Alexander Bergmann 2013-09-12 08:51:00 UTC 
Public via oss-security.

Date: Wed, 11 Sep 2013 12:49:04 +0100
From: Will Newton
Subject: [oss-security] CVE Request: Three integer overflows in glibc memory allocator

I recently discovered three integer overflow issues in the glibc
memory allocator functions pvalloc, valloc and
posix_memalign/memalign/aligned_alloc. These issues cause a large
allocation size to wrap around and cause a wrong sized allocation and
heap corruption. The issues are fixed in glibc mainline.

The relevant glibc bugzilla entries are here:

https://sourceware.org/bugzilla/show_bug.cgi?id=15855
https://sourceware.org/bugzilla/show_bug.cgi?id=15856
https://sourceware.org/bugzilla/show_bug.cgi?id=15857

--------------------

CVE-2013-4332 was assigned for this issue.
Comment 1 Bernhard Wiedemann 2013-09-12 15:00:09 UTC 
This is an autogenerated message for OBS integration:
This bug (839870) was mentioned in
https://build.opensuse.org/request/show/198717 Factory / glibc
Comment 3 Swamp Workflow Management 2013-09-12 22:00:21 UTC 
bugbot adjusting priority
Comment 4 Swamp Workflow Management 2013-09-30 16:06:34 UTC 
openSUSE-SU-2013:1510-1: An update that solves 6 vulnerabilities and has 5 fixes is now available.

Category: security (moderate)
Bug References: 779320,801246,805054,813121,813306,819383,819524,824046,830257,834594,839870
CVE References: CVE-2012-4412,CVE-2013-0242,CVE-2013-1914,CVE-2013-2207,CVE-2013-4237,CVE-2013-4332
Sources used:
openSUSE 12.3 (src):    glibc-2.17-4.7.1, glibc-testsuite-2.17-4.7.2, glibc-testsuite-2.17-4.7.3, glibc-utils-2.17-4.7.1
Comment 6 Swamp Workflow Management 2013-12-10 06:25:06 UTC 
Update released for: glibc, glibc-32bit, glibc-debuginfo, glibc-debuginfo-32bit, glibc-debuginfo-64bit, glibc-debuginfo-x86, glibc-debugsource, glibc-devel, glibc-devel-32bit, glibc-html, glibc-i18ndata, glibc-info, glibc-locale, glibc-locale-32bit, glibc-locale-x86, glibc-obsolete, glibc-profile, glibc-profile-32bit, glibc-profile-x86, glibc-x86, nscd
Products:
SLE-DEBUGINFO 11-SP2 (i386, ia64, ppc64, s390x, x86_64)
SLE-DESKTOP 11-SP2 (i386, x86_64)
SLE-SDK 11-SP2 (i386, x86_64)
SLE-SERVER 11-SP2 (i386, ia64, ppc64, s390x, x86_64)
SLES4VMWARE 11-SP2 (i386, x86_64)
Comment 7 Swamp Workflow Management 2013-12-10 06:53:35 UTC 
Update released for: glibc, glibc-32bit, glibc-debuginfo, glibc-debuginfo-32bit, glibc-debuginfo-64bit, glibc-debuginfo-x86, glibc-debugsource, glibc-devel, glibc-devel-32bit, glibc-html, glibc-i18ndata, glibc-info, glibc-locale, glibc-locale-32bit, glibc-locale-x86, glibc-obsolete, glibc-profile, glibc-profile-32bit, glibc-profile-x86, glibc-x86, nscd
Products:
SLE-DEBUGINFO 11-SP3 (i386, ia64, ppc64, s390x, x86_64)
SLE-DESKTOP 11-SP3 (i386, x86_64)
SLE-SDK 11-SP3 (i386, x86_64)
SLE-SERVER 11-SP3 (i386, ia64, ppc64, s390x, x86_64)
SLES4VMWARE 11-SP3 (i386, x86_64)
Comment 8 Swamp Workflow Management 2013-12-10 12:42:04 UTC 
The SWAMPID for this issue is 55384.
This issue was rated as moderate.
Please submit fixed packages until 2013-12-24.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.
Comment 11 Swamp Workflow Management 2013-12-19 10:04:54 UTC 
Update released for: glibc, glibc-devel, glibc-html, glibc-i18ndata, glibc-info, glibc-locale, glibc-profile, nscd, timezone
Products:
SUSE-CORE 9-SP3-TERADATA (x86_64)
Comment 12 Swamp Workflow Management 2013-12-19 11:04:54 UTC 
Update released for: glibc, glibc-32bit, glibc-dceext, glibc-dceext-32bit, glibc-dceext-devel, glibc-debuginfo, glibc-devel, glibc-devel-32bit, glibc-html, glibc-i18ndata, glibc-info, glibc-locale, glibc-locale-32bit, glibc-obsolete, glibc-profile, glibc-profile-32bit, nscd
Products:
SLE-SERVER 10-SP3-TERADATA (x86_64)
Comment 13 Swamp Workflow Management 2013-12-19 11:05:40 UTC 
Update released for: glibc, glibc-32bit, glibc-debuginfo, glibc-debugsource, glibc-devel, glibc-devel-32bit, glibc-html, glibc-i18ndata, glibc-info, glibc-locale, glibc-locale-32bit, glibc-obsolete, glibc-profile, glibc-profile-32bit, nscd
Products:
SLE-SERVER 11-SP1-TERADATA (x86_64)
Comment 14 Victor Pereira 2014-07-30 12:42:44 UTC 
fixed and released
Comment 15 Swamp Workflow Management 2014-09-12 04:05:51 UTC 
SUSE-SU-2014:1122-1: An update that solves 7 vulnerabilities and has 6 fixes is now available.

Category: security (important)
Bug References: 750741,779320,801246,830268,834594,836746,839870,843735,864081,882600,883022,886416,892073
CVE References: CVE-2012-4412,CVE-2013-0242,CVE-2013-4237,CVE-2013-4332,CVE-2013-4788,CVE-2014-4043,CVE-2014-5119
Sources used:
SUSE Linux Enterprise Server 11 SP1 LTSS (src):    glibc-2.11.1-0.58.1
Comment 16 Swamp Workflow Management 2014-09-15 17:05:21 UTC 
SUSE-SU-2014:1128-1: An update that solves 6 vulnerabilities and has 5 fixes is now available.

Category: security (important)
Bug References: 779320,801246,824639,834594,839870,842291,860501,882600,892073,894553,894556
CVE References: CVE-2012-4412,CVE-2013-0242,CVE-2013-4237,CVE-2013-4332,CVE-2014-4043,CVE-2014-5119
Sources used:
SUSE Linux Enterprise Server 10 SP3 LTSS (src):    glibc-2.4-31.77.112.1