NVD

Id
44392  
Name
CVE-2012-2674  
Description
Multiple integer overflows in the (1) chk_malloc, (2) leak_malloc, and (3) leak_memalign functions in libc/bionic/malloc_debug_leak.c in Bionic (libc) for Android, when libc.debug.malloc is set, make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, which causes less memory to be allocated than expected.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-19  
Published
2012-07-25  
Modified Date
2012-08-24  
Seq
2012-2674  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
222706 44392 CVE-2012-2674 http://kqueue.org/blog/2012/03/05/memory-allocator-security-revisited/  View
222707 44392 CVE-2012-2674 [oss-security] 20120605 memory allocator upstream patches  View
222708 44392 CVE-2012-2674 [oss-security] 20120607 Re: memory allocator upstream patches  View
222709 44392 CVE-2012-2674 https://github.com/android/platform_bionic/commit/7f5aa4f35e23fd37425b3a5041737cdf58f87385  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
27681 JVNDB-2012-003388 Android 用 Bionic の libc/bionic/malloc_debug_leak.c における整数オーバーフローの脆弱性 Android 用 Bionic (libc) の libc/bionic/malloc_debug_leak.c 内の (1) chk_malloc 関数、(2) leak_malloc 関数、および (3) leak_memalign 関数には、整数オーバーフローの脆弱性が存在します。 CVE-2012-2674 55912 CVE-2012-2674 44392 4.3 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003388.html 2012-07-25 2012-07-30 View