CVE-2011-2702

NameCVE-2011-2702
DescriptionInteger signedness error in Glibc before 2.13 and eglibc before 2.13, when using Supplemental Streaming SIMD Extensions 3 (SSSE3) optimization, allows context-dependent attackers to execute arbitrary code via a negative length parameter to (1) memcpy-ssse3-rep.S, (2) memcpy-ssse3.S, or (3) memset-sse2.S in sysdeps/i386/i686/multiarch/, which triggers an out-of-bounds read, as demonstrated using the memcpy function.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
NVD severitymedium (attack range: remote)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
eglibc (PTS)wheezy2.13-38+deb7u10fixed
wheezy (security)2.13-38+deb7u12fixed
glibc (PTS)jessie (security), jessie2.19-18+deb8u10fixed
stretch (security), stretch2.24-11+deb9u1fixed
buster2.25-3fixed
sid2.25-4fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
eglibcsource(unstable)2.13-10medium
eglibcsourcesqueeze(not affected)
glibcsource(unstable)(not affected)

Notes

[squeeze] - eglibc <not-affected> (ssse3 optimizations not included in squeeze version)
- glibc <not-affected> (ssse3 optimizations not included)
http://web.archive.org/web/20110824011938/http://www.nodefense.org:80/eglibc.txt
fixed well before 2.13-10, but that is the present testing version that was available to check

Search for package or bug name: Reporting problems