CVE-2010-3847
Published: Jan 7, 2011
Modified: Aug 7, 2024
PUBLISHED
Description
elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the LD_AUDIT environment variable, which allows local users to gain privileges via a crafted dynamic shared object (DSO) located in an arbitrary directory.
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | affected n/a |
References
| Reference | Type | Source |
|---|---|---|
| GLSA-201011-01 | vendor-advisory | x_refsource_GENTOO |
| http://www.vmware.com/security/advisories/VMSA-2011-0001.html | | x_refsource_CONFIRM |
| http://support.avaya.com/css/P8/documents/100120941 | | x_refsource_CONFIRM |
| 20101018 The GNU C library dynamic linker expands $ORIGIN in setuid library search path | mailing-list | x_refsource_FULLDISC |
| RHSA-2010:0872 | vendor-advisory | x_refsource_REDHAT |
| SUSE-SA:2010:052 | vendor-advisory | x_refsource_SUSE |
| MDVSA-2010:207 | vendor-advisory | x_refsource_MANDRIVA |
| 44025 | exploit | x_refsource_EXPLOIT-DB |
| 44024 | exploit | x_refsource_EXPLOIT-DB |
| DSA-2122 | vendor-advisory | x_refsource_DEBIAN |
| USN-1009-1 | vendor-advisory | x_refsource_UBUNTU |
| https://bugzilla.redhat.com/show_bug.cgi?id=643306 | | x_refsource_CONFIRM |
| 20110105 VMSA-2011-0001 VMware ESX third party updates for Service Console packages glibc, sudo, and openldap | mailing-list | x_refsource_BUGTRAQ |
| RHSA-2010:0787 | vendor-advisory | x_refsource_REDHAT |
| 44154 | vdb-entry | x_refsource_BID |
| 20101020 Re: The GNU C library dynamic linker expands $ORIGIN in setuid library search path | mailing-list | x_refsource_FULLDISC |
| 42787 | third-party-advisory | x_refsource_SECUNIA |
| ADV-2011-0025 | vdb-entry | x_refsource_VUPEN |
| [libc-hacker] 20101018 [PATCH] Never expand $ORIGIN in privileged programs | mailing-list | x_refsource_MLIST |
| 20101019 Re: The GNU C library dynamic linker expands $ORIGIN in setuid library search path | mailing-list | x_refsource_FULLDISC |
| VU#537223 | third-party-advisory | x_refsource_CERT-VN |