Lucene search
Mandriva Update for gc MDVSA-2012:158 (gc)
🗓️ 05 Oct 2012 00:00:00Reported by Copyright (C) 2012 Greenbone AGType 
openvas🔗 plugins.openvas.org👁 17 Views
Mandriva Update for gc MDVSA-2012:158 (gc). The remote host is missing an update for the 'gc' package(s) announced via the referenced advisory. Multiple integer overflows in the GC_generic_malloc and calloc functions in malloc.c, and the GC_generic_malloc_ignore_off_page function in mallocx.c in Boehm-Demers-Weiser GC (libgc) before 7.2 make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, which causes less memory to be allocated than expected (CVE-2012-2673). The updated packages have been patched to correct this issue
Show more
| Reporter | Title | Published | Views | Family All 44 |
|---|---|---|---|---|
 | gc security update | 4 Nov 201300:00 | – | oraclelinux |
 | RHSA-2013:1500 Red Hat Security Advisory: gc security update | 15 Sep 202421:08 | – | osv |
| RHSA-2014:0149 Red Hat Security Advisory: gc security update | 15 Sep 202421:08 | – | osv |
| RHSA-2014:0150 Red Hat Security Advisory: gc security update | 15 Sep 202421:08 | – | osv |
| RedHat Update for gc RHSA-2013:1500-01 | 8 Nov 201300:00 | – | openvas |
| CentOS Update for gc CESA-2013:1500 centos6 | 8 Nov 201300:00 | – | openvas |
| Ubuntu: Security Advisory (USN-1546-1) | 6 Sep 201200:00 | – | openvas |
| Mandriva Update for gc MDVSA-2012:158 (gc) | 5 Oct 201200:00 | – | openvas |
| Fedora Update for gc FEDORA-2012-9556 | 30 Aug 201200:00 | – | openvas |
| Fedora Update for gc FEDORA-2012-9637 | 28 Jun 201200:00 | – | openvas |
10
| Source | Link |
|---|---|
| mandriva | www.mandriva.com/en/support/security/advisories/ |
# SPDX-FileCopyrightText: 2012 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_xref(name:"URL", value:"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:158");
script_oid("1.3.6.1.4.1.25623.1.0.831739");
script_version("2023-07-14T05:06:08+0000");
script_tag(name:"last_modification", value:"2023-07-14 05:06:08 +0000 (Fri, 14 Jul 2023)");
script_tag(name:"creation_date", value:"2012-10-05 09:46:25 +0530 (Fri, 05 Oct 2012)");
script_cve_id("CVE-2012-2673");
script_tag(name:"cvss_base", value:"5.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:P/A:N");
script_xref(name:"MDVSA", value:"2012:158");
script_name("Mandriva Update for gc MDVSA-2012:158 (gc)");
script_tag(name:"summary", value:"The remote host is missing an update for the 'gc'
package(s) announced via the referenced advisory.");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2012 Greenbone AG");
script_family("Mandrake Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/mandriva_mandrake_linux", "ssh/login/release", re:"ssh/login/release=MNDK_(2011\.0|mes5\.2)");
script_tag(name:"affected", value:"gc on Mandriva Linux 2011.0,
Mandriva Enterprise Server 5.2");
script_tag(name:"solution", value:"Please Install the Updated Packages.");
script_tag(name:"insight", value:"A security issue was identified and fixed in gc:
Multiple integer overflows in the (1) GC_generic_malloc and (2) calloc
functions in malloc.c, and the (3) GC_generic_malloc_ignore_off_page
function in mallocx.c in Boehm-Demers-Weiser GC (libgc) before 7.2 make
it easier for context-dependent attackers to perform memory-related
attacks such as buffer overflows via a large size value, which causes
less memory to be allocated than expected (CVE-2012-2673).
The updated packages have been patched to correct this issue.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release) exit(0);
res = "";
if(release == "MNDK_2011.0")
{
if ((res = isrpmvuln(pkg:"libgc1", rpm:"libgc1~7.1~8.1", rls:"MNDK_2011.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libgc-devel", rpm:"libgc-devel~7.1~8.1", rls:"MNDK_2011.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libgc-static-devel", rpm:"libgc-static-devel~7.1~8.1", rls:"MNDK_2011.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64gc1", rpm:"lib64gc1~7.1~8.1", rls:"MNDK_2011.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64gc-devel", rpm:"lib64gc-devel~7.1~8.1", rls:"MNDK_2011.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64gc-static-devel", rpm:"lib64gc-static-devel~7.1~8.1", rls:"MNDK_2011.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99);
exit(0);
}
if(release == "MNDK_mes5.2")
{
if ((res = isrpmvuln(pkg:"libgc1", rpm:"libgc1~7.1~2.1mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libgc-devel", rpm:"libgc-devel~7.1~2.1mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libgc-static-devel", rpm:"libgc-static-devel~7.1~2.1mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64gc1", rpm:"lib64gc1~7.1~2.1mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64gc-devel", rpm:"lib64gc-devel~7.1~2.1mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64gc-static-devel", rpm:"lib64gc-static-devel~7.1~2.1mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99);
exit(0);
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo05 Oct 2012 00:00Current
6.5Medium risk
Vulners AI Score6.5
CVSS25
EPSS0.01601