CVE-2015-8777

Published: 05 Sep 2015
Source: redhat
CVSS3: 7
CVSS2: 3.7
EPSS: Low

Description

The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LD_POINTER_GUARD environment variable.

It was found that the dynamic loader did not sanitize the LD_POINTER_GUARD environment variable. An attacker could use this flaw to bypass the pointer guarding protection on set-user-ID or set-group-ID programs to execute arbitrary code with the permissions of the user running the application.

Mitigation

The glibc pointer guard is a post-exploitation mitigation mechanism. As such, it is only relevant if there are exploitable security vulnerabilities in the system. Therefore, applying available security updates to the system is a possible mitigation for this issue. In typical deployments, environment variables can only be set by users with shell access. Restricting shell access to trusted users is another possible mitigation.

Affected packages

| Platform | Package | State | Advisory | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | glibc | Will not fix | | |
| Red Hat Enterprise Linux 6 | glibc | Will not fix | | |
| Red Hat Enterprise Linux 7 | glibc | Fixed | RHSA-2017:1916 | 01.08.2017 |

Additional information

Status: Low

https://bugzilla.redhat.com/show_bug.cgi?id=1260581
glibc: LD_POINTER_GUARD in the environment is not sanitized

EPSS

Percentile: 19%
0.0006
Low

CVSS3: 7 High

CVSS2: 3.7 Low

Related vulnerabilities

CVSS3: 5.5
ubuntu
more than 9 years ago

The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LD_POINTER_GUARD environment variable.

CVSS3: 5.5
nvd
more than 9 years ago

The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LD_POINTER_GUARD environment variable.

CVSS3: 5.5
debian
more than 9 years ago

The process_envvars function in elf/rtld.c in the GNU C Library (aka g ...

CVSS3: 5.5
github
more than 3 years ago

The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LD_POINTER_GUARD environment variable.

oracle-oval
about 8 years ago

ELSA-2017-1916: glibc security, bug fix, and enhancement update (MODERATE)
