Multiple integer overflows in libgfortran might allow remote attackers to execute arbitrary code or cause a denial of service (Fortran application crash) via vectors related to array allocation.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5044
Reference (s):
- https://bugzilla.redhat.com/show_bug.cgi?id=1122812
- https://gcc.gnu.org/viewcvs/gcc/trunk/libgfortran/ChangeLog?limit_changes=0&view=markup&pathrev=211721
- MLIST:[oss-security] 20140723 Re: [CVE request] Array allocation fixes in libgfortran
- URL: http://www.openwall.com/lists/oss-security/2014/07/24/1
- MLIST:[oss-security] 20140731 Re: Re: [CVE request] Array allocation fixes in libgfortran