{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-03-05T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple integer overflows in the (1) GC_generic_malloc and (2) calloc functions in malloc.c, and the (3) GC_generic_malloc_ignore_off_page function in mallocx.c in Boehm-Demers-Weiser GC (libgc) before 7.2 make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, which causes less memory to be allocated than expected."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-09-27T13:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "RHSA-2013:1500", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2013-1500.html"}, {"name": "USN-1546-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-1546-1"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/ivmai/bdwgc/commit/e10c1eb9908c2774c16b3148b30d2f3823d66a9a"}, {"name": "FEDORA-2012-9637", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082988.html"}, {"tags": ["x_refsource_MISC"], "url": "http://kqueue.org/blog/2012/03/05/memory-allocator-security-revisited/"}, {"name": "[oss-security] 20120605 memory allocator upstream patches", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2012/06/05/1"}, {"name": "[oss-security] 20120607 Re: memory allocator upstream patches", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2012/06/07/13"}, {"name": "MDVSA-2012:158", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:158"}, {"name": "RHSA-2014:0150", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0150.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/ivmai/bdwgc/commit/83231d0ab5ed60015797c3d1ad9056295ac3b2bb"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/ivmai/bdwgc/blob/master/ChangeLog"}, {"name": "FEDORA-2012-9556", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082926.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/ivmai/bdwgc/commit/be9df82919960214ee4b9d3313523bff44fd99e1"}, {"name": "RHSA-2014:0149", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0149.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/ivmai/bdwgc/commit/6a93f8e5bcad22137f41b6c60a1c7384baaec2b3"}, {"name": "54227", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/54227"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T19:42:32.365Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2013:1500", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2013-1500.html"}, {"name": "USN-1546-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-1546-1"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/ivmai/bdwgc/commit/e10c1eb9908c2774c16b3148b30d2f3823d66a9a"}, {"name": "FEDORA-2012-9637", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082988.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://kqueue.org/blog/2012/03/05/memory-allocator-security-revisited/"}, {"name": "[oss-security] 20120605 memory allocator upstream patches", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2012/06/05/1"}, {"name": "[oss-security] 20120607 Re: memory allocator upstream patches", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2012/06/07/13"}, {"name": "MDVSA-2012:158", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:158"}, {"name": "RHSA-2014:0150", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0150.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/ivmai/bdwgc/commit/83231d0ab5ed60015797c3d1ad9056295ac3b2bb"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/ivmai/bdwgc/blob/master/ChangeLog"}, {"name": "FEDORA-2012-9556", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082926.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/ivmai/bdwgc/commit/be9df82919960214ee4b9d3313523bff44fd99e1"}, {"name": "RHSA-2014:0149", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0149.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/ivmai/bdwgc/commit/6a93f8e5bcad22137f41b6c60a1c7384baaec2b3"}, {"name": "54227", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/54227"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-2673", "datePublished": "2012-07-25T19:00:00", "dateReserved": "2012-05-14T00:00:00", "dateUpdated": "2024-08-06T19:42:32.365Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:*:alpha6:*:*:*:*:*:*", "matchCriteriaId": "FB7E10E2-C5DB-41EC-97EB-CE8536C43C1A", "versionEndIncluding": "7.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "491073DC-2BFD-4B0C-BDF2-9F5280A66B58", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "25A7A8FB-CF57-4E84-B7E6-163AC7CB018B", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "083750EB-C841-412C-A006-4DD509479289", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:1.8:*:*:*:*:*:*:*", "matchCriteriaId": "031EAB4C-6E1A-4582-8FB8-EAED0AFFA8A8", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:1.9:*:*:*:*:*:*:*", "matchCriteriaId": "4B979DD2-47F2-4F4A-BCAB-3B205142FABA", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "4717403B-917C-4114-98B7-ECE20DCCC5AC", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "4E207890-449C-46B9-93E7-A63FF8684A04", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "F6BA97C7-7860-4BB3-B066-A42F0FFCD89C", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "F34B767E-85C3-4647-B945-3D68A47A32C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "3C1B8A06-29C8-4967-8907-C0049AA0958F", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "299A66C9-C24B-42E6-A66F-D4CD81DDB7F6", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "38B1EF53-DEEF-492B-8ED7-C3317DA8352D", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "0D54EC0E-A58E-46E5-8B1D-C05AED9275C7", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "46675810-D684-47E2-8110-3E0E676DFD2F", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:3.4:*:*:*:*:*:*:*", "matchCriteriaId": "63943010-1074-46CF-BC8B-2F6D3A65F6E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:3.5:*:*:*:*:*:*:*", "matchCriteriaId": "15EF17F8-7C98-4196-B982-A232EC8E03B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:3.6:*:*:*:*:*:*:*", "matchCriteriaId": "FD38128B-2CED-4E4D-991F-B304E70D28E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:3.7:*:*:*:*:*:*:*", "matchCriteriaId": "1EA5BC4D-FEE0-410B-A6B0-620404012D67", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "F9EB7E2B-DBBC-42D2-ADFB-780C4719AB6A", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "B7E6ACC0-B90C-45C6-A92F-B253CF9E6B1D", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "D43D4FE2-8C2F-4295-9201-1C1BA29149AC", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "A821A89F-BC65-4902-A654-4653D7F5EB12", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "E26120DA-A675-4D40-986B-80816C354C7A", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.5:*:*:*:*:*:*:*", "matchCriteriaId": "77311E02-BA9E-4EE2-B4C8-93924F21B42E", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.6:*:*:*:*:*:*:*", "matchCriteriaId": "3903A88C-7D08-4C1A-A9F6-306D3431EED3", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.7:*:*:*:*:*:*:*", "matchCriteriaId": "7E191DDB-847C-4B23-A2E7-92C7FDFAB320", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.8:*:*:*:*:*:*:*", "matchCriteriaId": "016D4E46-79E6-4A10-A8D5-5A0F8ACC031A", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.9:*:*:*:*:*:*:*", "matchCriteriaId": "D833B1A6-CDD6-4066-817B-401DFC29CB74", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.10:*:*:*:*:*:*:*", "matchCriteriaId": "7473C96A-B8C4-4A31-BC3C-11BBD44D43CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.11:*:*:*:*:*:*:*", "matchCriteriaId": "FE91D870-9D11-49D3-BD79-B89D492378E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.12:*:*:*:*:*:*:*", "matchCriteriaId": "345F5BE8-34BB-4670-87C8-E47DCC7D4376", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.13:*:*:*:*:*:*:*", "matchCriteriaId": "E8BFA222-5FC6-4D6A-BEB6-71B1B6C74BB3", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.14:*:*:*:*:*:*:*", "matchCriteriaId": "75A47F20-004B-4F06-A6F3-E48056FB9596", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.14:alpha1:*:*:*:*:*:*", "matchCriteriaId": "AE42C4C6-B198-4E5B-A56C-B76EC37A3B40", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.14:alpha2:*:*:*:*:*:*", "matchCriteriaId": "D8D3047B-FD43-4574-8D60-2085D63B5C29", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "6DEE2A39-AD46-485C-99E7-4CF750CC5D1A", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:5.0:alpha1:*:*:*:*:*:*", "matchCriteriaId": "72949DF3-D5D7-437D-8494-C16BECC8A0DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:5.0:alpha2:*:*:*:*:*:*", "matchCriteriaId": "1778B6A6-5AF7-420C-B8A0-D5EEA11FF08A", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:5.0:alpha3:*:*:*:*:*:*", "matchCriteriaId": "2D608CBB-DE39-4F89-A6D5-3DD0743E3F3E", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:5.0:alpha4:*:*:*:*:*:*", "matchCriteriaId": "12DF9207-CC7F-42DB-B8F3-DB218117DCF7", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:5.0:alpha6:*:*:*:*:*:*", "matchCriteriaId": "DA18A03D-8237-4BBE-9C10-47EA5FCE8BDA", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:5.0:alpha7:*:*:*:*:*:*", "matchCriteriaId": "9B9A6D84-4809-49A0-86C6-ECBDD1064928", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "6C820C5B-8EA8-4F60-9841-FA5A352532D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "342F1990-B47E-4F18-A8EF-0D3A4DA12750", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "40752649-CC20-4A48-9445-9A6834D3E607", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:5.4:*:*:*:*:*:*:*", "matchCriteriaId": "FF823758-7576-42F1-86CB-299D81814C60", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "62D73130-3452-4099-81D2-35CE27604471", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.0:alpha1:*:*:*:*:*:*", "matchCriteriaId": "DD35B5F7-CE6B-4611-8C93-6E984BBE9F60", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.0:alpha2:*:*:*:*:*:*", "matchCriteriaId": "5D47BE29-3D8C-491C-8CE1-11936D290751", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.0:alpha3:*:*:*:*:*:*", "matchCriteriaId": "8FE9F396-BA3A-4FEA-99CD-82101B2F4D17", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.0:alpha4:*:*:*:*:*:*", "matchCriteriaId": "0F35B814-E6D9-4339-BBF0-71C8BCB56AC3", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.0:alpha5:*:*:*:*:*:*", "matchCriteriaId": "09914F81-E73F-40B7-B089-1601CDA2F08A", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.0:alpha6:*:*:*:*:*:*", "matchCriteriaId": "AE9D4C8A-7109-42FB-A3A4-EA275263B51A", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.0:alpha7:*:*:*:*:*:*", "matchCriteriaId": "BAEC8D07-03F3-47BD-BFAF-C68DED57E9E4", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.0:alpha8:*:*:*:*:*:*", "matchCriteriaId": "97F7A53D-9E3B-4FC8-B5D2-8F6098D42154", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.0:alpha9:*:*:*:*:*:*", "matchCriteriaId": "15B91852-E698-44B8-AA4B-3D160F6922EB", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "A6C5E554-829A-4DD2-AA08-F1F4086970FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.1:alpha1:*:*:*:*:*:*", "matchCriteriaId": "EAB8D4F7-FF1F-4A9D-8256-7862DBCC91AE", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.1:alpha2:*:*:*:*:*:*", "matchCriteriaId": "1AFF33C7-7DE7-4252-B1F5-1923C97488DB", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.1:alpha3:*:*:*:*:*:*", "matchCriteriaId": "85E1EFDA-4A24-4021-A964-BF541692A662", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.1:alpha4:*:*:*:*:*:*", "matchCriteriaId": "EA13626B-D41F-4FD6-99B6-894A550243A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.1:alpha5:*:*:*:*:*:*", "matchCriteriaId": "76017823-6C26-4117-BE01-C08326140BF1", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "76CBFFA9-3C32-4912-A80E-092C0CFFFB35", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.2:alpha1:*:*:*:*:*:*", "matchCriteriaId": "3DD6DEDC-065F-4A1D-971B-F6648CCBC524", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.2:alpha2:*:*:*:*:*:*", "matchCriteriaId": "43273650-CE0B-44C1-A666-2EBC7F25699C", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.2:alpha3:*:*:*:*:*:*", "matchCriteriaId": "BEB5C494-929A-4A22-8DB8-66D92671CB3B", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.2:alpha4:*:*:*:*:*:*", "matchCriteriaId": "8C80F2C3-4F26-4F20-A4FA-DD543F300E4C", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.2:alpha5:*:*:*:*:*:*", "matchCriteriaId": "D9854F73-471D-458A-8C96-4F20AC0CABF0", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.2:alpha6:*:*:*:*:*:*", "matchCriteriaId": "17EB51A7-125F-4738-9F40-C43FF24F33CB", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "ADBA25B4-1E69-4E4E-8FD3-AC7FF9B75560", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.3:alpha1:*:*:*:*:*:*", "matchCriteriaId": "D3593B9D-B7F7-4AE5-A56F-E1D619EC62C7", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.3:alpha2:*:*:*:*:*:*", "matchCriteriaId": "8D94D856-4C71-4BF2-9B99-4CF4B2A3252C", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.3:alpha3:*:*:*:*:*:*", "matchCriteriaId": "CD69A3EF-8F68-48AA-A3AB-1A6A5AAF583B", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.3:alpha4:*:*:*:*:*:*", "matchCriteriaId": "DB138D34-6BE9-4C89-A8DC-E7166A3C9CDC", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.3:alpha5:*:*:*:*:*:*", "matchCriteriaId": "3263B0DE-0494-4E23-B2B1-07D6F7859667", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.3:alpha6:*:*:*:*:*:*", "matchCriteriaId": "B09D5237-C46B-46BF-8261-F06F90A5B363", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "C72EF628-6740-4DF3-9415-DDF1E27439E0", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "95E28717-719E-42C7-95C2-A1640EE25683", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.6:*:*:*:*:*:*:*", "matchCriteriaId": "C83B3862-DA90-4F32-BE45-E973806311CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.7:*:*:*:*:*:*:*", "matchCriteriaId": "91268295-6262-43BF-BC1C-25CCC4B9E17C", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.8:*:*:*:*:*:*:*", "matchCriteriaId": "84EBF00E-BF9F-4E77-9B57-BC88DB70EC0B", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.9:*:*:*:*:*:*:*", "matchCriteriaId": "5B0666E4-9E33-48C1-97D8-22B5E3A5F96E", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "96F70C6D-27B8-44B6-BA07-32B634617475", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.0:alpha1:*:*:*:*:*:*", "matchCriteriaId": "C3133D17-B254-4B52-8C6C-A19FB95679FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.0:alpha2:*:*:*:*:*:*", "matchCriteriaId": "8E52765E-1FF3-4355-993C-B4AECC7CA3C8", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.0:alpha3:*:*:*:*:*:*", "matchCriteriaId": "C2628958-C5B0-4FC9-BB2C-3ECC0FE3C2A7", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.0:alpha4:*:*:*:*:*:*", "matchCriteriaId": "AC25F20D-714D-49A1-9F31-E2B08FC34FB7", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.0:alpha5:*:*:*:*:*:*", "matchCriteriaId": "555CF08F-350D-4B2E-B24A-2C959A0B5F2D", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.0:alpha7:*:*:*:*:*:*", "matchCriteriaId": "19A58A73-DB04-46CB-BA6A-E7C9EF1131D7", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.0:alpha9:*:*:*:*:*:*", "matchCriteriaId": "C3167413-D7B5-431F-930B-318F177A1439", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "E8A63539-9978-467A-9A51-5DA2AED49CDA", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.1:alpha2:*:*:*:*:*:*", "matchCriteriaId": "7EF6F6B4-991E-4B96-8562-D9510BDF27DB", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.2:alpha2:*:*:*:*:*:*", "matchCriteriaId": "4301B5B7-9DC1-4C77-B8E5-5856D9630068", "vulnerable": true}, {"criteria": "cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.2:alpha4:*:*:*:*:*:*", "matchCriteriaId": "A19FE5A5-2037-44C0-9EB4-C6297F8D5E02", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple integer overflows in the (1) GC_generic_malloc and (2) calloc functions in malloc.c, and the (3) GC_generic_malloc_ignore_off_page function in mallocx.c in Boehm-Demers-Weiser GC (libgc) before 7.2 make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, which causes less memory to be allocated than expected."}, {"lang": "es", "value": "M\u00faltiples desbordamientos de entero en las funciones (1) GC_generic_malloc y (2) calloc en malloc.c y en la funci\u00f3n (3) GC_generic_malloc_ignore_off_page en mallocx.c en Boehm-Demers-Weiser GC (libgc) en versiones anteriores a 7.2 hace que sea m\u00e1s f\u00e1cil para atacantes dependientes de contexto realizar ataques relacionados con la memoria tales como desbordamientos de b\u00fafer a trav\u00e9s un valor de gran tama\u00f1o, lo que provoca que se asigne menos memoria de los esperado."}], "id": "CVE-2012-2673", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-07-25T19:55:02.773", "references": [{"source": "secalert@redhat.com", "url": "http://kqueue.org/blog/2012/03/05/memory-allocator-security-revisited/"}, {"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082926.html"}, {"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082988.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2013-1500.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2014-0149.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2014-0150.html"}, {"source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:158"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/06/05/1"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/06/07/13"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/54227"}, {"source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-1546-1"}, {"source": "secalert@redhat.com", "url": "https://github.com/ivmai/bdwgc/blob/master/ChangeLog"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Patch"], "url": "https://github.com/ivmai/bdwgc/commit/6a93f8e5bcad22137f41b6c60a1c7384baaec2b3"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Patch"], "url": "https://github.com/ivmai/bdwgc/commit/83231d0ab5ed60015797c3d1ad9056295ac3b2bb"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "https://github.com/ivmai/bdwgc/commit/be9df82919960214ee4b9d3313523bff44fd99e1"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "https://github.com/ivmai/bdwgc/commit/e10c1eb9908c2774c16b3148b30d2f3823d66a9a"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://kqueue.org/blog/2012/03/05/memory-allocator-security-revisited/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082926.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082988.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2013-1500.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2014-0149.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2014-0150.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:158"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/06/05/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/06/07/13"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/54227"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1546-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/ivmai/bdwgc/blob/master/ChangeLog"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch"], "url": "https://github.com/ivmai/bdwgc/commit/6a93f8e5bcad22137f41b6c60a1c7384baaec2b3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch"], "url": "https://github.com/ivmai/bdwgc/commit/83231d0ab5ed60015797c3d1ad9056295ac3b2bb"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/ivmai/bdwgc/commit/be9df82919960214ee4b9d3313523bff44fd99e1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/ivmai/bdwgc/commit/e10c1eb9908c2774c16b3148b30d2f3823d66a9a"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-189"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2013:1500", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "gc-0:7.1-12.el6_4", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2013-11-04T00:00:00Z"}, {"advisory": "RHSA-2014:0149", "cpe": "cpe:/a:redhat:network_satellite:5.6::el5", "package": "gc-0:7.1-12.2.el5sat", "product_name": "Red Hat Satellite 5.6", "release_date": "2014-02-10T00:00:00Z"}, {"advisory": "RHSA-2014:0150", "cpe": "cpe:/a:redhat:network_proxy:5.6::el5", "package": "gc-0:7.1-12.2.el5sat", "product_name": "Red Hat Satellite Proxy v 5.6", "release_date": "2014-02-10T00:00:00Z"}], "bugzilla": {"description": "gc: malloc() and calloc() overflows", "id": "828878", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=828878"}, "csaw": false, "cvss": {"cvss_base_score": "5.1", "cvss_scoring_vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "status": "verified"}, "details": ["Multiple integer overflows in the (1) GC_generic_malloc and (2) calloc functions in malloc.c, and the (3) GC_generic_malloc_ignore_off_page function in mallocx.c in Boehm-Demers-Weiser GC (libgc) before 7.2 make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, which causes less memory to be allocated than expected."], "name": "CVE-2012-2673", "public_date": "2012-06-05T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2012-2673\nhttps://nvd.nist.gov/vuln/detail/CVE-2012-2673"], "threat_severity": "Moderate"}