Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-xscn-43f8-7bgy
Vulnerability ID VCID-xscn-43f8-7bgy
Aliases CVE-2012-2673
Summary Multiple integer overflows in the (1) GC_generic_malloc and (2) calloc functions in malloc.c, and the (3) GC_generic_malloc_ignore_off_page function in mallocx.c in Boehm-Demers-Weiser GC (libgc) before 7.2 make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, which causes less memory to be allocated than expected.
Status Published
Exploitability 0.5
Weighted Severity 0.0
Risk None
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.01653 https://api.first.org/data/v1/epss?cve=CVE-2012-2673
epss 0.01653 https://api.first.org/data/v1/epss?cve=CVE-2012-2673
epss 0.01653 https://api.first.org/data/v1/epss?cve=CVE-2012-2673
epss 0.01653 https://api.first.org/data/v1/epss?cve=CVE-2012-2673
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2673.json
https://api.first.org/data/v1/epss?cve=CVE-2012-2673
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2673
677195 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677195
828878 https://bugzilla.redhat.com/show_bug.cgi?id=828878
RHSA-2013:1500 https://access.redhat.com/errata/RHSA-2013:1500
RHSA-2014:0149 https://access.redhat.com/errata/RHSA-2014:0149
RHSA-2014:0150 https://access.redhat.com/errata/RHSA-2014:0150
USN-1546-1 https://usn.ubuntu.com/1546-1/
No exploits are available.
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.82434
EPSS Score 0.01653
Published At June 11, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-11T20:24:43.595330+00:00 Debian Oval Importer Import https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0