Launchpad CVE tracker

CVE 2013-4237

sysdeps/posix/readdir_r.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a crafted (1) NTFS or (2) CIFS image.

Related bugs and status

CVE-2013-4237 (Candidate) is related to these bugs:

Bug #997096: nscd segmentation fault

Summary				In	Importance	Status
	997096	nscd segmentation fault		eglibc (Ubuntu)	Undecided	Incomplete
	997096	nscd segmentation fault		eglibc (openSUSE)	Low	Fix Released

Bug #1020210: Race condition using ATOMIC_FASTBINS in _int_free causes crash or heap corruption

		In	Importance	Status
1020210	Race condition using ATOMIC_FASTBINS in _int_free causes crash or heap corruption	eglibc (Ubuntu)	Undecided	Fix Released
1020210	Race condition using ATOMIC_FASTBINS in _int_free causes crash or heap corruption	eglibc	Medium	Fix Released
1020210	Race condition using ATOMIC_FASTBINS in _int_free causes crash or heap corruption	eglibc (Ubuntu Precise)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2013-4237

References