CVE-2011-1658
Published: 8 April 2011
ld.so in the GNU C Library (aka glibc or libc6) 2.13 and earlier expands the $ORIGIN dynamic string token when RPATH is composed entirely of this token, which might allow local users to gain privileges by creating a hard link in an arbitrary directory to a (1) setuid or (2) setgid program with this RPATH value, and then executing the program with a crafted value for the LD_PRELOAD environment variable, a different vulnerability than CVE-2010-3847 and CVE-2011-0536. NOTE: it is not expected that any standard operating-system distribution would ship an applicable setuid or setgid program.
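A defensive audit for the precondition named in the description above, added here as an example and not part of the tracker entry or of glibc: it lists setuid/setgid files whose RPATH is exactly `$ORIGIN`. It assumes binutils `readelf` is installed; the function names and the sample line are constructed for illustration.

```shell
#!/bin/sh
# Added example: find setuid/setgid ELF files whose DT_RPATH is only $ORIGIN.
# Assumption: `readelf -d` prints RPATH entries as
#   0x... (RPATH)   Library rpath: [value]

# Constructed sample of one `readelf -d` line, used for self-checking.
SAMPLE_DYNAMIC=' 0x000000000000000f (RPATH)              Library rpath: [$ORIGIN]'

# origin_only_rpath: read `readelf -d` output on stdin.
# Exit 0 if an RPATH entry is composed entirely of the $ORIGIN token
# (also accepted in its ${ORIGIN} spelling), exit 1 otherwise.
# RUNPATH entries are not matched; the description above names RPATH only.
origin_only_rpath() {
    awk '
        /\(RPATH\)/ {
            # Take the text between the brackets as the RPATH value.
            if (match($0, /\[.*\]/)) {
                v = substr($0, RSTART + 1, RLENGTH - 2)
                if (v == "$ORIGIN" || v == "${ORIGIN}") found = 1
            }
        }
        END { exit (found ? 0 : 1) }
    '
}

# scan_dirs DIR...: print every setuid or setgid regular file under the
# given directories whose RPATH matches. File names containing newlines
# are not handled (names are read one per line).
scan_dirs() {
    find "$@" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null |
    while IFS= read -r f; do
        # Non-ELF files make readelf fail; they simply produce no match.
        if readelf -d "$f" 2>/dev/null | origin_only_rpath; then
            printf '%s\n' "$f"
        fi
    done
}

# Run a scan only when directories are given on the command line,
# e.g.  sh audit.sh /usr /opt
if [ "$#" -gt 0 ]; then
    scan_dirs "$@"
fi
```

Any path it prints is a program of the kind the description says a standard distribution is not expected to ship, and is worth reviewing whether or not the fixed glibc is installed.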
Notes
Author | Note |
---|---|
sbeattie | there *may* be regressions introduced by the 3 commits below that are addressed by the following commits. http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=47c3cd7a74e8c089d60d603afce6d9cf661178d6;hp=d08055417d0187875806161fab8c4777adfb7ba8 http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=22836f52e3e4740e450f9b93a2f1e31a90b168a6;hp=7b3b0b2a63f7e980adb630550c0dc9639ec09d7f |
Priority
Status
Package | Release | Status |
---|---|---|
eglibc (Launchpad, Ubuntu, Debian) | dapper | Does not exist |
eglibc | hardy | Does not exist |
eglibc | karmic | Ignored (end of life) |
eglibc | lucid | Released (2.11.1-0ubuntu7.10) |
eglibc | maverick | Released (2.12.1-0ubuntu10.4) |
eglibc | natty | Released (2.13-0ubuntu13.1) |
eglibc | oneiric | Released (2.13-20ubuntu5.1) |
eglibc | upstream | Needs triage |

Patches (eglibc):
upstream: http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=96611391
upstream: http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=101fdc24
upstream: http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=049b59f7
upstream: http://www.eglibc.org/cgi-bin/viewvc.cgi?view=rev&revision=13801

Package | Release | Status |
---|---|---|
glibc (Launchpad, Ubuntu, Debian) | dapper | Ignored (end of life) |
glibc | hardy | Released (2.7-10ubuntu8.1) |
glibc | karmic | Does not exist |
glibc | lucid | Does not exist |
glibc | maverick | Does not exist |
glibc | natty | Does not exist |
glibc | oneiric | Does not exist |
glibc | upstream | Needs triage |

Patches (glibc):
upstream: http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=96611391
upstream: http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=101fdc24
upstream: http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=049b59f7