GLib 2.31.8 and earlier, when the g_str_hash function is used, computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. NOTE: this issue may be disputed by the vendor; the existence of the g_str_hash function is not a vulnerability in the library, because callers of g_hash_table_new and g_hash_table_new_full can specify an arbitrary hash function that is appropriate for the application.
No CVSS v3.1
No CVSS v3.0
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Partial
AV:N/AC:L/Au:N/C:N/I:N/A:P
Vendors | Products |
---|---|
Gnome |
|
Configuration 1 [-]
|
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2012-01-14T00:00:00
Updated: 2023-02-12T00:00:00
Reserved: 2011-12-07T00:00:00
Link: CVE-2012-0039
JSON object: View
NVD Information
Status : Modified
Published: 2012-01-14T17:55:01.257
Modified: 2024-05-17T00:51:18.527
Link: CVE-2012-0039
JSON object: View
Redhat Information
No data.
CWE