Red Hat Security Advisory 2014-0149-01 - Red Hat Satellite is a systems management tool for Linux-based infrastructures. It allows for provisioning, remote management and monitoring of multiple Linux deployments with a single, centralized tool. gc is a Boehm-Demers-Weiser conservative garbage collector for C and C++. It was discovered that gc's implementation of the malloc() and calloc() routines did not properly perform parameter sanitization when allocating memory. If an application using gc did not implement application-level validity checks for the malloc() and calloc() routines, a remote attacker could provide specially crafted application-specific input, which, when processed by the application, could lead to an application crash or, potentially, arbitrary code execution with the privileges of the user running the application.
ab1869eb40905173521dfa2bc8d078041565cdaee5692e209da56b9fa3326e69