CVE-2019-1010023

GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat.
Configurations

Configuration 1 (hide)

cpe:2.3:a:gnu:glibc:-:*:*:*:*:*:*:*

History

07 Nov 2023, 03:02

Type Values Removed Values Added
Summary ** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat." GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat.
References
  • {'url': 'https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS', 'name': 'https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS', 'tags': [], 'refsource': 'CONFIRM'}
  • () https://support.f5.com/csp/article/K11932200?utm_source=f5support&amp%3Butm_medium=RSSĀ -

Information

Published : 2019-07-15 04:15

Updated : 2024-03-21 02:32


NVD link : CVE-2019-1010023

Mitre link : CVE-2019-1010023

CVE.ORG link : CVE-2019-1010023


JSON object : View

Products Affected

gnu

  • glibc