Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2012-3405

The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (segmentation fault and crash) via a format string with a large number of format specifiers that triggers "desynchronization within the buffer size handling," a different vulnerability than CVE-2012-3404.

Related bugs and status

CVE-2012-3405 (Candidate) is related to these bugs:

Bug #1031301: Exploit for unpatched CVE reported in wild.

Summary				In	Importance	Status
	1031301	Exploit for unpatched CVE reported in wild.		eglibc (Ubuntu)	Undecided	Fix Released
	1031301	Exploit for unpatched CVE reported in wild.		glibc (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://security.gento...
MISC: https://bugzilla.redha...
MISC: http://rhn.redhat.com/...
MISC: http://rhn.redhat.com/...
MISC: http://www.ubuntu.com/...
MISC: http://www.openwall.co...
MISC: https://sourceware.org...