CVE-2012-3509

N/A Unknown

Published: September 05, 2012 Modified: April 29, 2026

Description

Multiple integer overflows in the (1) _objalloc_alloc function in objalloc.c and (2) objalloc_alloc macro in include/objalloc.h in GNU libiberty, as used by binutils 2.22, allow remote attackers to cause a denial of service (crash) via vectors related to the "addition of CHUNK_HEADER_SIZE to the length," which triggers a heap-based buffer overflow.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=54411

Source: secalert@redhat.com

Issue Tracking

http://gcc.gnu.org/ml/gcc-patches/2012-08/msg01986.html

Source: secalert@redhat.com

Patch Vendor Advisory

http://security-tracker.debian.org/tracker/CVE-2012-3509

Source: secalert@redhat.com

Issue Tracking Third Party Advisory

http://www.mandriva.com/security/advisories?name=MDVSA-2015:029

Source: secalert@redhat.com

Broken Link

http://www.openwall.com/lists/oss-security/2012/08/29/3

Source: secalert@redhat.com

Mailing List Third Party Advisory

http://www.securityfocus.com/bid/55281

Source: secalert@redhat.com

Third Party Advisory VDB Entry

http://www.ubuntu.com/usn/USN-2496-1

Source: secalert@redhat.com

Third Party Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/78135

Source: secalert@redhat.com

Third Party Advisory

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=54411

Source: af854a3a-2127-422b-91ae-364da2661108

Issue Tracking

http://gcc.gnu.org/ml/gcc-patches/2012-08/msg01986.html

Source: af854a3a-2127-422b-91ae-364da2661108

Patch Vendor Advisory

http://security-tracker.debian.org/tracker/CVE-2012-3509

Source: af854a3a-2127-422b-91ae-364da2661108

Issue Tracking Third Party Advisory

http://www.mandriva.com/security/advisories?name=MDVSA-2015:029

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

http://www.openwall.com/lists/oss-security/2012/08/29/3

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List Third Party Advisory

http://www.securityfocus.com/bid/55281

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory VDB Entry

http://www.ubuntu.com/usn/USN-2496-1

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/78135

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

16 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

3.6%

88th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-189

Affected Vendors

debian canonical gnu

Related CVEs

CVE-2026-8023 7.5

CVE-2026-7656 8.1

CVE-2026-51219 N/A

CVE-2026-51218 N/A

CVE-2026-10648 6.2