Wind River Support Network

HomeDefectsLIN6-4942

Fixed

LIN6-4942 : Security Advisory - glibc - CVE-2013-4332

Created: Oct 16, 2013 Updated: Dec 3, 2018

Resolved Date: Oct 14, 2014

Previous ID: LIN3-13595

Found In Version: 6.0

Fix Version: 6.0.0.13

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Toolchain

Description

Multiple integer overflows in malloc/malloc.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allow context-dependent attackers to cause a denial of service (heap corruption) via a large value to the (1) pvalloc, (2) valloc, (3) posix_memalign, (4) memalign, or (5) aligned_alloc functions.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4332

Workaround

Unknown

Steps to Reproduce

Unknown

Other Downloads

binary-toolchain-4.8-39
binary-toolchain-4.8-40
binary-toolchain-4.8-42
binary-toolchain-4.8-43
binary-toolchain-4.8-44
binary-toolchain-4.8-45
binary-toolchain-4.8-47
Wind River Linux 6.0.0.29
Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38