CVE-2011-2702 - OpenCVE

Integer signedness error in Glibc before 2.13 and eglibc before 2.13, when using Supplemental Streaming SIMD Extensions 3 (SSSE3) optimization, allows context-dependent attackers to execute arbitrary code via a negative length parameter to (1) memcpy-ssse3-rep.S, (2) memcpy-ssse3.S, or (3) memset-sse2.S in sysdeps/i386/i686/multiarch/, which triggers an out-of-bounds read, as demonstrated using the memcpy function.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Gnu	Eglibc Glibc

Configuration 1 [-]

OR	cpe:2.3:a:gnu:glibc::::::::
	cpe:2.3:a:gnu:glibc:2.12:::::::*
	cpe:2.3:a:gnu:glibc:2.12.1:::::::*

Configuration 2 [-]

cpe:2.3:a:gnu:eglibc:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://seclists.org/oss-sec/2011/q3/123
http://seclists.org/oss-sec/2011/q3/153
http://www.eglibc.org/cgi-bin/viewvc.cgi/trunk/libc/ChangeLog?view=markup&pathrev=10032
http://www.nodefense.org/eglibc.txt
http://www.osvdb.org/80718
http://xorl.wordpress.com/2011/08/06/cve-2011-2702-eglibc-and-glibc-signedness-issue/
https://bugzilla.novell.com/show_bug.cgi?id=706915
https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=a0ac24d98ace90d1ccba6a2f3e7d55600f2fdb6e

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2014-10-27T20:00:00

Updated: 2024-08-06T23:08:23.737Z

Reserved: 2011-07-11T00:00:00

Link: CVE-2011-2702

Vulnrichment

No data.

NVD

Status : Modified

Published: 2014-10-27T20:55:22.313

Modified: 2023-02-13T01:20:09.800

Link: CVE-2011-2702

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-07-18T00:00:00", "descriptions": [{"lang": "en", "value": "Integer signedness error in Glibc before 2.13 and eglibc before 2.13, when using Supplemental Streaming SIMD Extensions 3 (SSSE3) optimization, allows context-dependent attackers to execute arbitrary code via a negative length parameter to (1) memcpy-ssse3-rep.S, (2) memcpy-ssse3.S, or (3) memset-sse2.S in sysdeps/i386/i686/multiarch/, which triggers an out-of-bounds read, as demonstrated using the memcpy function."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-10-27T19:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://bugzilla.novell.com/show_bug.cgi?id=706915"}, {"name": "[oss-security] 20110718 CVE id request: (e)glibc", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://seclists.org/oss-sec/2011/q3/123"}, {"tags": ["x_refsource_MISC"], "url": "http://xorl.wordpress.com/2011/08/06/cve-2011-2702-eglibc-and-glibc-signedness-issue/"}, {"tags": ["x_refsource_MISC"], "url": "http://www.nodefense.org/eglibc.txt"}, {"name": "[oss-security] 20110720 Re: CVE id request: (e)glibc", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://seclists.org/oss-sec/2011/q3/153"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=a0ac24d98ace90d1ccba6a2f3e7d55600f2fdb6e"}, {"name": "80718", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/80718"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.eglibc.org/cgi-bin/viewvc.cgi/trunk/libc/ChangeLog?view=markup&pathrev=10032"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T23:08:23.737Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.novell.com/show_bug.cgi?id=706915"}, {"name": "[oss-security] 20110718 CVE id request: (e)glibc", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://seclists.org/oss-sec/2011/q3/123"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://xorl.wordpress.com/2011/08/06/cve-2011-2702-eglibc-and-glibc-signedness-issue/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.nodefense.org/eglibc.txt"}, {"name": "[oss-security] 20110720 Re: CVE id request: (e)glibc", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://seclists.org/oss-sec/2011/q3/153"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=a0ac24d98ace90d1ccba6a2f3e7d55600f2fdb6e"}, {"name": "80718", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/80718"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.eglibc.org/cgi-bin/viewvc.cgi/trunk/libc/ChangeLog?view=markup&pathrev=10032"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-2702", "datePublished": "2014-10-27T20:00:00", "dateReserved": "2011-07-11T00:00:00", "dateUpdated": "2024-08-06T23:08:23.737Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*", "matchCriteriaId": "81FC02B2-EEB1-40EA-ADE5-479ED3FC11A7", "versionEndIncluding": "2.12.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:glibc:2.12:*:*:*:*:*:*:*", "matchCriteriaId": "18F57529-10DF-447A-8C53-DD4B1C2AA21E", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:*", "matchCriteriaId": "C543B0E8-8B48-44A4-B63F-B2D9EA23E8EE", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gnu:eglibc:*:*:*:*:*:*:*:*", "matchCriteriaId": "860D5A05-DC7D-4CB7-A22A-3C7DD8E0897D", "versionEndIncluding": "2.12", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Integer signedness error in Glibc before 2.13 and eglibc before 2.13, when using Supplemental Streaming SIMD Extensions 3 (SSSE3) optimization, allows context-dependent attackers to execute arbitrary code via a negative length parameter to (1) memcpy-ssse3-rep.S, (2) memcpy-ssse3.S, or (3) memset-sse2.S in sysdeps/i386/i686/multiarch/, which triggers an out-of-bounds read, as demonstrated using the memcpy function."}, {"lang": "es", "value": "Error de signo de enteros en Glibc anterior a 2.13 y eglibc anterior a 2.13, cuando utiliza la optimizaci\u00f3n Supplemental Streaming SIMD Extensions 3 (SSSE3), permite a atacantes dependientes de contexto ejecutar c\u00f3digo arbitrario a trav\u00e9s de un par\u00e1metro de longitud negativo en (1) memcpy-ssse3-rep.S, (2) memcpy-ssse3.S, o (3) memset-sse2.S en sysdeps/i386/i686/multiarch/, lo que provoca una lectura fuera de rango, tal y como fue demostrado mediante el uso de la funci\u00f3n memcpy."}], "id": "CVE-2011-2702", "lastModified": "2023-02-13T01:20:09.800", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-10-27T20:55:22.313", "references": [{"source": "secalert@redhat.com", "url": "http://seclists.org/oss-sec/2011/q3/123"}, {"source": "secalert@redhat.com", "url": "http://seclists.org/oss-sec/2011/q3/153"}, {"source": "secalert@redhat.com", "url": "http://www.eglibc.org/cgi-bin/viewvc.cgi/trunk/libc/ChangeLog?view=markup&pathrev=10032"}, {"source": "secalert@redhat.com", "url": "http://www.nodefense.org/eglibc.txt"}, {"source": "secalert@redhat.com", "url": "http://www.osvdb.org/80718"}, {"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "http://xorl.wordpress.com/2011/08/06/cve-2011-2702-eglibc-and-glibc-signedness-issue/"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.novell.com/show_bug.cgi?id=706915"}, {"source": "secalert@redhat.com", "url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=a0ac24d98ace90d1ccba6a2f3e7d55600f2fdb6e"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "nvd@nist.gov", "type": "Primary"}]}