CVE-2012-0039

ADVISORY - nist

Summary

GLib 2.31.8 and earlier, when the g_str_hash function is used, computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. NOTE: this issue may be disputed by the vendor; the existence of the g_str_hash function is not a vulnerability in the library, because callers of g_hash_table_new and g_hash_table_new_full can specify an arbitrary hash function that is appropriate for the application.

EPSS Score⁠: 0.00155 (0.525)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-310⁠

Cryptographic Issues

Impacted images

Advisories

NIST

CREATED

13 years ago

UPDATED

3 months ago

ADVISORY IDCVE-2012-0039⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-310⁠

CVSS SCORE

5medium

Debian

CREATED

13 years ago

UPDATED

11 hours ago

ADVISORY IDCVE-2012-0039⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

13 years ago

UPDATED

7 months ago

ADVISORY IDCVE-2012-0039⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Red Hat

CREATED

21 years ago

UPDATED

1 year ago

ADVISORY IDCVE-2012-0039⁠

EXPLOITABILITY SCORE

10.0

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

5medium