Launchpad CVE tracker

CVE 2012-3480

Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, (4) strtod_l, and other unspecified "related functions" in stdlib in GNU C Library (aka glibc or libc6) 2.16 allow local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow.

Related bugs and status

CVE-2012-3480 (Candidate) is related to these bugs:

Bug #956051: libc6 crash while running 'xm'

Summary				In	Importance	Status
	956051	libc6 crash while running 'xm'		eglibc (Ubuntu)	Undecided	Fix Released
	956051	libc6 crash while running 'xm'		eglibc (Ubuntu Precise)	High	Fix Released

Bug #979003: libc incorrectly detects AVX support

		In	Importance	Status
979003	libc incorrectly detects AVX support	eglibc (Ubuntu)	High	Fix Released
979003	libc incorrectly detects AVX support	eglibc (Ubuntu Lucid)	High	Fix Released
979003	libc incorrectly detects AVX support	eglibc (Ubuntu Precise)	High	Fix Released
979003	libc incorrectly detects AVX support	eglibc (Ubuntu Quantal)	High	Fix Released
979003	libc incorrectly detects AVX support	eglibc (Ubuntu Oneiric)	High	Fix Released

Bug #1000498: fmod() incorrectly returns NaN for (some?) denormalized inputs

		In	Importance	Status
1000498	fmod() incorrectly returns NaN for (some?) denormalized inputs	eglibc (Ubuntu)	Medium	Fix Released
1000498	fmod() incorrectly returns NaN for (some?) denormalized inputs	eglibc	Medium	Fix Released
1000498	fmod() incorrectly returns NaN for (some?) denormalized inputs	eglibc (Ubuntu Precise)	Medium	Fix Released
1000498	fmod() incorrectly returns NaN for (some?) denormalized inputs	eglibc (Ubuntu Quantal)	Medium	Fix Released

Bug #1007457: Bogus FPE on underflow for exp(double)

Summary				In	Importance	Status
	1007457	Bogus FPE on underflow for exp(double)		eglibc (Ubuntu)	Undecided	Fix Released
	1007457	Bogus FPE on underflow for exp(double)		eglibc (Ubuntu Precise)	Medium	Fix Released

Bug #1010069: bits/fcntl.h does not define AT_EMPTY_PATH

Summary				In	Importance	Status
	1010069	bits/fcntl.h does not define AT_EMPTY_PATH		eglibc (Ubuntu)	Medium	Fix Released
	1010069	bits/fcntl.h does not define AT_EMPTY_PATH		eglibc (Ubuntu Precise)	Medium	Fix Released

Bug #1016349: htons() returns wrong type on non-{i386,amd64} platforms

		In	Importance	Status
1016349	htons() returns wrong type on non-{i386,amd64} platforms	eglibc (Ubuntu)	Undecided	Fix Released
1016349	htons() returns wrong type on non-{i386,amd64} platforms	eglibc	Medium	Fix Released
1016349	htons() returns wrong type on non-{i386,amd64} platforms	glibc (Fedora)	Medium	Fix Released
1016349	htons() returns wrong type on non-{i386,amd64} platforms	eglibc (Ubuntu Precise)	Medium	Fix Released

Bug #1028038: sscanf always calls realloc/causes deadlock in google-perftools

Summary				In	Importance	Status
	1028038	sscanf always calls realloc/causes deadlock in google-perftools		eglibc (Ubuntu)	High	Fix Released
	1028038	sscanf always calls realloc/causes deadlock in google-perftools		eglibc (Ubuntu Precise)	High	Fix Released

Bug #1031301: Exploit for unpatched CVE reported in wild.

Summary				In	Importance	Status
	1031301	Exploit for unpatched CVE reported in wild.		eglibc (Ubuntu)	Undecided	Fix Released
	1031301	Exploit for unpatched CVE reported in wild.		glibc (Ubuntu)	Undecided	Fix Released

Bug #1090740: regression in 2.7-10ubuntu8.2

Summary				In	Importance	Status
	1090740	regression in 2.7-10ubuntu8.2		glibc (Ubuntu)	Undecided	Invalid
	1090740	regression in 2.7-10ubuntu8.2		glibc (Ubuntu Hardy)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2012-3480

References