Wind River Support Network

HomeDefectsLIN7-2212

Fixed

LIN7-2212 : Security Advisory - boost - CVE-2012-2677

Created: Dec 2, 2014 Updated: Sep 8, 2018

Resolved Date: Nov 28, 2015

Previous ID: LIN5-19856

Found In Version: 7.0

Fix Version: 7.0.0.12

Severity: Standard

Applicable for: Wind River Linux 7

Component/s: Userspace

Description

Integer overflow in the ordered_malloc function in boost/pool/pool.hpp in Boost Pool before 3.9 makes it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, which causes less memory to be allocated than expected.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2677

Workaround

Unknown

Steps to Reproduce

Unknown

Other Downloads

Wind River Linux 7.0.0.14
Wind River Linux 7.0.0.15
Wind River Linux 7.0.0.16
Wind River Linux 7.0.0.17
Wind River Linux 7.0.0.18
Wind River Linux 7.0.0.19
Wind River Linux 7.0.0.20
Wind River Linux 7.0.0.21
Wind River Linux 7.0.0.22
Wind River Linux 7.0.0.23
Wind River Linux 7.0.0.24
Wind River Linux 7.0.0.25
Wind River Linux 7.0.0.26
Wind River Linux 7.0.0.27
Wind River Linux 7.0.0.28
Wind River Linux 7.0.0.29
Wind River Linux 7.0.0.30
Wind River Linux 7.0.0.31