GNU glibc 'xc_cpupool_getinfo()' Function Use After Free Memory Corruption Vulnerability

Bugtraq ID: 68006
Class: Unknown
CVE: CVE-2014-4043
Remote: Yes
Local: No
Published: Jun 11 2014 12:00AM
Updated: Nov 03 2015 07:03PM
Credit: David Reid, Alex Gaynor, and Glyph Lefkowitz
Vulnerable: Ubuntu Ubuntu Linux 10.04 sparc
Ubuntu Ubuntu Linux 10.04 powerpc
Ubuntu Ubuntu Linux 10.04 i386
Ubuntu Ubuntu Linux 10.04 ARM
Ubuntu Ubuntu Linux 10.04 amd64
SuSE SUSE Linux Enterprise Server 11 SP1 LTSS
+ Linux kernel 2.6.5
+ Linux kernel 2.6.5
SuSE SUSE Linux Enterprise Server 10 SP3 LTSS
+ Linux kernel 2.6.5
S.u.S.E. openSUSE 13.1
Mandriva Business Server 1 X86 64
Mandriva Business Server 1
GNU glibc 2.19
GNU glibc 2.18
GNU glibc 2.17
GNU glibc 2.16
GNU glibc 2.15
GNU glibc 2.14
GNU glibc 2.13
GNU glibc 2.12
Gentoo Linux
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Not Vulnerable: GNU glibc 2.20


 

Privacy Statement
Copyright 2010, SecurityFocus