PT-2012-1259 · Gnu+3 · Libc+3

Published

2012-07-25

Updated

2012-07-26

CVE-2006-7252

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions jemalloc in libc for FreeBSD version 6.4 jemalloc in libc for NetBSD (affected versions not specified)

Description The issue is related to an integer overflow in the calloc function, which can lead to memory-related attacks such as buffer overflows. This occurs when a large size value is provided, resulting in a memory allocation of one byte.

Recommendations For jemalloc in libc for FreeBSD version 6.4: update to a version that fixes the integer overflow issue in the calloc function. For jemalloc in libc for NetBSD: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-189

Related Identifiers

CVE-2006-7252

Affected Products

Freebsd

Netbsd

Jemalloc

Libc

PT-2012-1259 · Gnu+3 · Libc+3

CVE-2006-7252

Weakness Enumeration

Related Identifiers

Affected Products

References · 3