CVE-2012-3405

10.02.2014, 18:15

The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (segmentation fault and crash) via a format string with a large number of format specifiers that triggers "desynchronization within the buffer size handling," a different vulnerability than CVE-2012-3404.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Vector
NIST	NIST	5 UNKNOWN	NETWORK	LOW	AV:N/AC:L/Au:N/C:N/I:N/A:P
redhat	CNA	---			---
CVE	ADP	---			---

Base Score

CVSS 3.x

EPSS Score

Percentile: 70%

Vendor	Product	Version
gnu	glibc	2.14
redhat	enterprise_virtualization	3.0
canonical	ubuntu_linux	8.04
canonical	ubuntu_linux	10.04
canonical	ubuntu_linux	11.04
canonical	ubuntu_linux	11.10
canonical	ubuntu_linux	12.04
redhat	enterprise_linux	6.0

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

glibc

bullseye	2.31-13+deb11u11 fixed
bullseye (security)	2.31-13+deb11u10 fixed
bookworm	2.36-9+deb12u8 fixed
bookworm (security)	2.36-9+deb12u7 fixed
sid	2.40-3 fixed
trixie	2.40-3 fixed