{"id":"MGASA-2013-0340","summary":"Updated glibc package fixes security vulnerabilities","details":"Updated glibc packages fixes the following security issues:\n\nInteger overflow in string/strcoll_l.c in the GNU C Library (aka glibc\nor libc6) 2.17 and earlier allows context-dependent attackers to cause\na denial of service (crash) or possibly execute arbitrary code via a\nlong string, which triggers a heap-based buffer overflow. (CVE-2012-4412)\n\nStack-based buffer overflow in string/strcoll_l.c in the GNU C Library\n(aka glibc or libc6) 2.17 and earlier allows context-dependent\nattackers to cause a denial of service (crash) or possibly execute\narbitrary code via a long string that triggers a malloc failure and\nuse of the alloca function. (CVE-2012-4424)\n\npt_chown in GNU C Library (aka glibc or libc6) before 2.18 does not\nproperly check permissions for tty files, which allows local users to\nchange the permission on the files and obtain access to arbitrary\npseudo-terminals by leveraging a FUSE file system. (CVE-2013-2207)\nNOTE! This is fixed by removing pt_chown wich may break chroots\n      if their devpts was not mounted correctly. \n      (make sure to mount the devpts correctly with gid=5)\n\nsysdeps/posix/readdir_r.c in the GNU C Library (aka glibc or libc6)\n2.18 and earlier allows context-dependent attackers to cause a denial\nof service (out-of-bounds write and crash) or possibly execute\narbitrary code via a crafted (1) NTFS or (2) CIFS image. (CVE-2013-4237)\n\nMultiple integer overflows in malloc/malloc.c in the GNU C Library\n(aka glibc or libc6) 2.18 and earlier allow context-dependent\nattackers to cause a denial of service (heap corruption) via a large\nvalue to the (1) pvalloc, (2) valloc, (3) posix_memalign, (4)\nmemalign, or (5) aligned_alloc functions. (CVE-2013-4332)\n\nA stack (frame) overflow flaw, which led to a denial of service \n(application crash), was found in the way glibc's getaddrinfo() function\nprocessed certain requests when called with AF_INET6. A similar flaw to\nCVE-2013-1914, this affects AF_INET6 rather than AF_UNSPEC (CVE-2013-4458).\n\nThe PTR_MANGLE implementation in the GNU C Library (aka glibc or libc6)\n2.4, 2.17, and earlier, and Embedded GLIBC (EGLIBC) does not initialize\nthe random value for the pointer guard, which makes it easier for context-\ndependent attackers to control execution flow by leveraging a buffer-\noverflow vulnerability in an application and using the known zero value\npointer guard to calculate a pointer address. (CVE-2013-4788)\n\nOther fixes in this update:\n- Correct the processing of '\\x80' characters in crypt_freesec.c\n- drop minimal required kernel to 2.6.32 so it works in chroots on top\n  of enterprise kernels and for OpenVZ users.\n- fix typo in nscd.service\n","modified":"2026-04-16T06:26:21.514210956Z","published":"2013-11-22T18:44:49Z","upstream":["CVE-2012-4412","CVE-2012-4424","CVE-2013-2207","CVE-2013-4237","CVE-2013-4332","CVE-2013-4458","CVE-2013-4788"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2013-0340.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=11059"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=855385"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=858238"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=976408"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=995839"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1007545"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=985625"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1022280"}],"affected":[{"package":{"name":"glibc","ecosystem":"Mageia:2","purl":"pkg:rpm/mageia/glibc?arch=source&distro=mageia-2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.14.1-11.2.mga2"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0340.json"}},{"package":{"name":"glibc","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/glibc?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.17-7.2.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0340.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}