CVE 2012-3480
Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, (4) strtod_l, and other unspecified "related functions" in stdlib in GNU C Library (aka glibc or libc6) 2.16 allow local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow.
Related bugs and status
CVE-2012-3480 (Candidate) is related to these bugs:
Bug #956051: libc6 crash while running 'xm'
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
956051 | libc6 crash while running 'xm' | eglibc (Ubuntu) | Undecided | Fix Released | ||
956051 | libc6 crash while running 'xm' | eglibc (Ubuntu Precise) | High | Fix Released |
Bug #979003: libc incorrectly detects AVX support
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
979003 | libc incorrectly detects AVX support | eglibc (Ubuntu) | High | Fix Released | ||
979003 | libc incorrectly detects AVX support | eglibc (Ubuntu Lucid) | High | Fix Released | ||
979003 | libc incorrectly detects AVX support | eglibc (Ubuntu Precise) | High | Fix Released | ||
979003 | libc incorrectly detects AVX support | eglibc (Ubuntu Quantal) | High | Fix Released | ||
979003 | libc incorrectly detects AVX support | eglibc (Ubuntu Oneiric) | High | Fix Released |
Bug #1000498: fmod() incorrectly returns NaN for (some?) denormalized inputs
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1000498 | fmod() incorrectly returns NaN for (some?) denormalized inputs | eglibc (Ubuntu) | Medium | Fix Released | ||
1000498 | fmod() incorrectly returns NaN for (some?) denormalized inputs | eglibc | Medium | Fix Released | ||
1000498 | fmod() incorrectly returns NaN for (some?) denormalized inputs | eglibc (Ubuntu Precise) | Medium | Fix Released | ||
1000498 | fmod() incorrectly returns NaN for (some?) denormalized inputs | eglibc (Ubuntu Quantal) | Medium | Fix Released |
Bug #1007457: Bogus FPE on underflow for exp(double)
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1007457 | Bogus FPE on underflow for exp(double) | eglibc (Ubuntu) | Undecided | Fix Released | ||
1007457 | Bogus FPE on underflow for exp(double) | eglibc (Ubuntu Precise) | Medium | Fix Released |
Bug #1010069: bits/fcntl.h does not define AT_EMPTY_PATH
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1010069 | bits/fcntl.h does not define AT_EMPTY_PATH | eglibc (Ubuntu) | Medium | Fix Released | ||
1010069 | bits/fcntl.h does not define AT_EMPTY_PATH | eglibc (Ubuntu Precise) | Medium | Fix Released |
Bug #1016349: htons() returns wrong type on non-{i386,amd64} platforms
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1016349 | htons() returns wrong type on non-{i386,amd64} platforms | eglibc (Ubuntu) | Undecided | Fix Released | ||
1016349 | htons() returns wrong type on non-{i386,amd64} platforms | eglibc | Medium | Fix Released | ||
1016349 | htons() returns wrong type on non-{i386,amd64} platforms | glibc (Fedora) | Medium | Fix Released | ||
1016349 | htons() returns wrong type on non-{i386,amd64} platforms | eglibc (Ubuntu Precise) | Medium | Fix Released |
Bug #1028038: sscanf always calls realloc/causes deadlock in google-perftools
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1028038 | sscanf always calls realloc/causes deadlock in google-perftools | eglibc (Ubuntu) | High | Fix Released | ||
1028038 | sscanf always calls realloc/causes deadlock in google-perftools | eglibc (Ubuntu Precise) | High | Fix Released |
Bug #1031301: Exploit for unpatched CVE reported in wild.
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1031301 | Exploit for unpatched CVE reported in wild. | eglibc (Ubuntu) | Undecided | Fix Released | ||
1031301 | Exploit for unpatched CVE reported in wild. | glibc (Ubuntu) | Undecided | Fix Released |
Bug #1090740: regression in 2.7-10ubuntu8.2
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1090740 | regression in 2.7-10ubuntu8.2 | glibc (Ubuntu) | Undecided | Invalid | ||
1090740 | regression in 2.7-10ubuntu8.2 | glibc (Ubuntu Hardy) | Undecided | Fix Released |
See the
CVE page on Mitre.org
for more details.