CVE-2012-2673

Publication date 25 July 2012

Last updated 24 July 2024


Ubuntu priority

Multiple integer overflows in the (1) GC_generic_malloc and (2) calloc functions in malloc.c, and the (3) GC_generic_malloc_ignore_off_page function in mallocx.c in Boehm-Demers-Weiser GC (libgc) before 7.2 make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, which causes less memory to be allocated than expected.

Status

Package Ubuntu Release Status
libgc 12.04 LTS precise
Fixed 1:7.1-8ubuntu0.12.04.1
11.10 oneiric
Fixed 1:7.1-8ubuntu0.11.10.1
11.04 natty
Fixed 1:6.8-1.2ubuntu3.2
10.04 LTS lucid
Fixed 1:6.8-1.2ubuntu1.1
8.04 LTS hardy
Fixed 1:6.8-1.1ubuntu0.1

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package Patch details
libgc

References

Related Ubuntu Security Notices (USN)

Other references