CVE-2013-0242

Buffer overflow in the extend_buffers function in the regular expression matcher (posix/regexec.c) in glibc, possibly 2.17 and earlier, allows context-dependent attackers to cause a denial of service (memory corruption and crash) via crafted multibyte characters.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 84%
Affected Products (NVD)
VendorProductVersion
gnuglibc
2.17
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
glibc
bookworm
2.36-9+deb12u8
fixed
bookworm (security)
2.36-9+deb12u7
fixed
bullseye
2.31-13+deb11u11
fixed
bullseye (security)
2.31-13+deb11u10
fixed
sid
2.40-3
fixed
trixie
2.40-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
eglibc
hardy
dne
lucid
Fixed 2.11.1-0ubuntu7.13
released
oneiric
ignored
precise
Fixed 2.15-0ubuntu10.5
released
quantal
Fixed 2.15-0ubuntu20.2
released
raring
Fixed 2.17-0ubuntu5.1
released
saucy
not-affected
glibc
hardy
ignored
lucid
dne
oneiric
dne
precise
dne
quantal
dne
raring
dne
saucy
dne
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
glibc
suse enterprise desktop 15
2.26-11.8
fixed
suse enterprise desktop 15 SP1
2.26-13.19.1
fixed
suse enterprise sap 12 SP5
2.22-100.15.4
fixed
suse enterprise sap 15
2.26-11.8
fixed
suse enterprise sap 15 SP1
2.26-13.19.1
fixed
suse enterprise server 12 SP5
2.22-100.15.4
fixed
suse enterprise server 15
2.26-11.8
fixed
suse enterprise server 15 SP1
2.26-13.19.1
fixed
glibc-32bit
suse enterprise desktop 15
2.26-11.8
fixed
suse enterprise desktop 15 SP1
2.26-13.19.1
fixed
suse enterprise desktop 15 SP2
2.26-8.21
fixed
suse enterprise sap 12 SP5
2.22-100.15.4
fixed
suse enterprise sap 15
2.26-11.8
fixed
suse enterprise sap 15 SP1
2.26-13.19.1
fixed
suse enterprise sap 15 SP2
2.26-8.21
fixed
suse enterprise server 12 SP5
2.22-100.15.4
fixed
suse enterprise server 15
2.26-11.8
fixed
suse enterprise server 15 SP1
2.26-13.19.1
fixed
suse enterprise server 15 SP2
2.26-8.21
fixed
glibc-devel
suse enterprise desktop 15
2.26-11.8
fixed
suse enterprise desktop 15 SP1
2.26-13.19.1
fixed
suse enterprise sap 12 SP5
2.22-100.15.4
fixed
suse enterprise sap 15
2.26-11.8
fixed
suse enterprise sap 15 SP1
2.26-13.19.1
fixed
suse enterprise server 12 SP5
2.22-100.15.4
fixed
suse enterprise server 15
2.26-11.8
fixed
suse enterprise server 15 SP1
2.26-13.19.1
fixed
glibc-devel-32bit
suse enterprise desktop 15
2.26-11.8
fixed
suse enterprise desktop 15 SP1
2.26-8.21
fixed
suse enterprise sap 12 SP5
2.22-100.15.4
fixed
suse enterprise sap 15
2.26-11.8
fixed
suse enterprise sap 15 SP1
2.26-8.21
fixed
suse enterprise server 12 SP5
2.22-100.15.4
fixed
suse enterprise server 15
2.26-11.8
fixed
suse enterprise server 15 SP1
2.26-8.21
fixed
glibc-devel-static
suse enterprise desktop 15
2.26-11.8
fixed
suse enterprise desktop 15 SP1
2.26-13.19.1
fixed
suse enterprise sap 15
2.26-11.8
fixed
suse enterprise sap 15 SP1
2.26-13.19.1
fixed
suse enterprise server 15
2.26-11.8
fixed
suse enterprise server 15 SP1
2.26-13.19.1
fixed
glibc-extra
suse enterprise desktop 15
2.26-11.8
fixed
suse enterprise desktop 15 SP1
2.26-13.19.1
fixed
suse enterprise sap 15
2.26-11.8
fixed
suse enterprise sap 15 SP1
2.26-13.19.1
fixed
suse enterprise server 15
2.26-11.8
fixed
suse enterprise server 15 SP1
2.26-13.19.1
fixed
glibc-html
suse enterprise sap 12 SP5
2.22-100.15.4
fixed
suse enterprise server 12 SP5
2.22-100.15.4
fixed
glibc-i18ndata
suse enterprise desktop 15
2.26-11.8
fixed
suse enterprise desktop 15 SP1
2.26-13.19.1
fixed
suse enterprise sap 12 SP5
2.22-100.15.4
fixed
suse enterprise sap 15
2.26-11.8
fixed
suse enterprise sap 15 SP1
2.26-13.19.1
fixed
suse enterprise server 12 SP5
2.22-100.15.4
fixed
suse enterprise server 15
2.26-11.8
fixed
suse enterprise server 15 SP1
2.26-13.19.1
fixed
glibc-info
suse enterprise desktop 15
2.26-11.8
fixed
suse enterprise desktop 15 SP1
2.26-13.19.1
fixed
suse enterprise sap 12 SP5
2.22-100.15.4
fixed
suse enterprise sap 15
2.26-11.8
fixed
suse enterprise sap 15 SP1
2.26-13.19.1
fixed
suse enterprise server 12 SP5
2.22-100.15.4
fixed
suse enterprise server 15
2.26-11.8
fixed
suse enterprise server 15 SP1
2.26-13.19.1
fixed
glibc-locale
suse enterprise desktop 15
2.26-11.8
fixed
suse enterprise desktop 15 SP1
2.26-13.19.1
fixed
suse enterprise sap 12 SP5
2.22-100.15.4
fixed
suse enterprise sap 15
2.26-11.8
fixed
suse enterprise sap 15 SP1
2.26-13.19.1
fixed
suse enterprise server 12 SP5
2.22-100.15.4
fixed
suse enterprise server 15
2.26-11.8
fixed
suse enterprise server 15 SP1
2.26-13.19.1
fixed
glibc-locale-32bit
suse enterprise desktop 15
2.26-11.8
fixed
suse enterprise desktop 15 SP1
2.26-8.21
fixed
suse enterprise desktop 15 SP2
2.26-8.21
fixed
suse enterprise sap 12 SP5
2.22-100.15.4
fixed
suse enterprise sap 15
2.26-11.8
fixed
suse enterprise sap 15 SP1
2.26-8.21
fixed
suse enterprise sap 15 SP2
2.26-8.21
fixed
suse enterprise server 12 SP5
2.22-100.15.4
fixed
suse enterprise server 15
2.26-11.8
fixed
suse enterprise server 15 SP1
2.26-8.21
fixed
suse enterprise server 15 SP2
2.26-8.21
fixed
glibc-locale-base
suse enterprise desktop 15 SP1
2.26-13.19.1
fixed
suse enterprise sap 15 SP1
2.26-13.19.1
fixed
suse enterprise server 15 SP1
2.26-13.19.1
fixed
glibc-profile
suse enterprise desktop 15
2.26-11.8
fixed
suse enterprise desktop 15 SP1
2.26-13.19.1
fixed
suse enterprise sap 12 SP5
2.22-100.15.4
fixed
suse enterprise sap 15
2.26-11.8
fixed
suse enterprise sap 15 SP1
2.26-13.19.1
fixed
suse enterprise server 12 SP5
2.22-100.15.4
fixed
suse enterprise server 15
2.26-11.8
fixed
suse enterprise server 15 SP1
2.26-13.19.1
fixed
glibc-profile-32bit
suse enterprise sap 12 SP5
2.22-100.15.4
fixed
suse enterprise server 12 SP5
2.22-100.15.4
fixed
glibc-utils
suse enterprise desktop 15
2.26-11.8
fixed
suse enterprise desktop 15 SP1
2.26-13.19.1
fixed
suse enterprise sap 15
2.26-11.8
fixed
suse enterprise sap 15 SP1
2.26-13.19.1
fixed
suse enterprise server 15
2.26-11.8
fixed
suse enterprise server 15 SP1
2.26-13.19.1
fixed
nscd
suse enterprise desktop 15
2.26-11.8
fixed
suse enterprise desktop 15 SP1
2.26-13.19.1
fixed
suse enterprise sap 12 SP5
2.22-100.15.4
fixed
suse enterprise sap 15
2.26-11.8
fixed
suse enterprise sap 15 SP1
2.26-13.19.1
fixed
suse enterprise server 12 SP5
2.22-100.15.4
fixed
suse enterprise server 15
2.26-11.8
fixed
suse enterprise server 15 SP1
2.26-13.19.1
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
glibc
RHEL 6
0:2.12-1.132.el6
fixed
glibc-common
RHEL 6
0:2.12-1.132.el6
fixed
glibc-devel
RHEL 6
0:2.12-1.132.el6
fixed
glibc-headers
RHEL 6
0:2.12-1.132.el6
fixed
glibc-static
RHEL 6
0:2.12-1.132.el6
fixed
glibc-utils
RHEL 6
0:2.12-1.132.el6
fixed
nscd
RHEL 6
0:2.12-1.132.el6
fixed
Amazon Linux logo
Amazon Linux Releases
Amazon Package
Release
glibc
Amazon Linux 1
0:2.12-1.132.45.amzn1
fixed
glibc-common
Amazon Linux 1
0:2.12-1.132.45.amzn1
fixed
glibc-debuginfo
Amazon Linux 1
0:2.12-1.132.45.amzn1
fixed
glibc-debuginfo-common
Amazon Linux 1
0:2.12-1.132.45.amzn1
fixed
glibc-devel
Amazon Linux 1
0:2.12-1.132.45.amzn1
fixed
glibc-headers
Amazon Linux 1
0:2.12-1.132.45.amzn1
fixed
glibc-static
Amazon Linux 1
0:2.12-1.132.45.amzn1
fixed
glibc-utils
Amazon Linux 1
0:2.12-1.132.45.amzn1
fixed
nscd
Amazon Linux 1
0:2.12-1.132.45.amzn1
fixed
Common Weakness Enumeration
References
http://osvdb.org/89747
http://rhn.redhat.com/errata/RHSA-2013-0769.html
http://rhn.redhat.com/errata/RHSA-2013-1605.html
http://secunia.com/advisories/51951
http://secunia.com/advisories/55113
http://sourceware.org/bugzilla/show_bug.cgi?id=15078
http://sourceware.org/ml/libc-alpha/2013-01/msg00967.html
http://www.mandriva.com/security/advisories?name=MDVSA-2013:163
http://www.openwall.com/lists/oss-security/2013/01/30/5
http://www.securityfocus.com/bid/57638
http://www.securitytracker.com/id/1028063
http://www.ubuntu.com/usn/USN-1991-1
http://www.vmware.com/security/advisories/VMSA-2014-0008.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/81707
https://security.gentoo.org/glsa/201503-04
http://osvdb.org/89747
http://rhn.redhat.com/errata/RHSA-2013-0769.html
http://rhn.redhat.com/errata/RHSA-2013-1605.html
http://secunia.com/advisories/51951
http://secunia.com/advisories/55113
http://sourceware.org/bugzilla/show_bug.cgi?id=15078
http://sourceware.org/ml/libc-alpha/2013-01/msg00967.html
http://www.mandriva.com/security/advisories?name=MDVSA-2013:163
http://www.openwall.com/lists/oss-security/2013/01/30/5
http://www.securityfocus.com/bid/57638
http://www.securitytracker.com/id/1028063
http://www.ubuntu.com/usn/USN-1991-1
http://www.vmware.com/security/advisories/VMSA-2014-0008.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/81707
https://security.gentoo.org/glsa/201503-04