PT-2008-6882 · Gnu+1 · Libc6+2
Maksymilian Arciemowicz
·
Published
1970-01-01
·
Updated
2017-08-17
·
CVE-2009-4881
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
glibc versions prior to 2.10.1
libc6 versions prior to 2.11.2-r3
Description
The issue covers multiple vulnerabilities in the glibc and libc6 packages of the Debian GNU/Linux operating system. These vulnerabilities can compromise the confidentiality, integrity, and availability of protected information, and they can be exploited remotely. A specific example is an integer overflow in the __vstrfmon_l function, which allows context-dependent attackers to cause a denial of service via a crafted format string.
Recommendations
For glibc versions prior to 2.10.1, update to version 2.10.1 or later to resolve the issue.
For libc6 versions prior to 2.11.2-r3, update to version 2.11.2-r3 or later to resolve the issue.
As a temporary workaround, consider restricting access to the vulnerable functions until a patch is available.
Fix
RCE
Related identifiers
Affected products
Debian
Glibc
Libc6