Unrated severityNVD Advisory· Published Jul 25, 2012· Updated Apr 29, 2026

CVE-2012-2673

Description

Multiple integer overflows in the (1) GC_generic_malloc and (2) calloc functions in malloc.c, and the (3) GC_generic_malloc_ignore_off_page function in mallocx.c in Boehm-Demers-Weiser GC (libgc) before 7.2 make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, which causes less memory to be allocated than expected.

Affected products

Boehm Demers Weiser/Garbage Collector95 versions
cpe:2.3:a:boehm-demers-weiser:garbage_collector:1.3:*:*:*:*:*:*:*+ 94 more
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:1.3:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:1.4:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:1.8:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:1.9:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:2.3:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:2.4:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:3.2:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:3.3:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:3.4:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:3.5:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:3.6:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:3.7:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.10:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.11:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.12:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.13:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.14:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.14:alpha1:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.14:alpha2:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.2:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.3:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.4:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.5:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.6:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.7:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.8:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:4.9:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:5.0:alpha1:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:5.0:alpha2:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:5.0:alpha3:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:5.0:alpha4:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:5.0:alpha6:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:5.0:alpha7:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:5.1:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:5.2:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:5.3:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.0:alpha1:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.0:alpha2:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.0:alpha3:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.0:alpha4:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.0:alpha5:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.0:alpha6:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.0:alpha7:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.0:alpha8:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.0:alpha9:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.1:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.1:alpha1:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.1:alpha2:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.1:alpha3:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.1:alpha4:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.1:alpha5:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.2:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.2:alpha1:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.2:alpha2:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.2:alpha3:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.2:alpha4:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.2:alpha5:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.2:alpha6:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.3:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.3:alpha1:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.3:alpha2:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.3:alpha3:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.3:alpha4:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.3:alpha5:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.3:alpha6:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.4:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.5:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.6:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.7:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.8:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:6.9:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.0:alpha1:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.0:alpha2:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.0:alpha3:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.0:alpha4:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.0:alpha5:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.0:alpha7:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.0:alpha9:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.1:alpha2:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.2:alpha2:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:7.2:alpha4:*:*:*:*:*:*
- cpe:2.3:a:boehm-demers-weiser:garbage_collector:*:alpha6:*:*:*:*:*:*range: <=7.2

Patches

6a93f8e5bcad

https://github.com/ivmai/bdwgcvia nvd-ref

commit

83231d0ab5ed

https://github.com/ivmai/bdwgcvia nvd-ref

commit

be9df8291996

https://github.com/ivmai/bdwgcvia nvd-ref

commit

e10c1eb9908c

https://github.com/ivmai/bdwgcvia nvd-ref

commit

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000