PT-2012-4773 · Gnu+1 · Binutils+1

Sang Kil Cha

Published

2012-09-05

Updated

2025-03-25

CVE-2012-3509

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions binutils version 2.22

Description The issue is related to multiple integer overflows in the objalloc alloc function and objalloc alloc macro, which can be exploited by remote attackers to cause a denial of service (crash) through vectors related to the addition of CHUNK HEADER SIZE to the length. This triggers a heap-based buffer overflow.

Recommendations For binutils version 2.22, consider applying a patch that fixes the integer overflows in the objalloc alloc function and objalloc alloc macro to prevent heap-based buffer overflows.

Fix

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-189

Related Identifiers

CVE-2012-3509

DLA-324-1

MGASA-2014-0346

SUSE-OU-2015:1803-1

USN-2496-1

Affected Products

Ubuntu

Binutils

PT-2012-4773 · Gnu+1 · Binutils+1

CVE-2012-3509

Weakness Enumeration

Related Identifiers

Affected Products

References · 58