exploitDog

CVE-2019-1010023

Published: 15 Jul 2019
Source: redhat
CVSS3: 7.8

Description

GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."

It was discovered that when executing ldd on a malicious file, it is possible to execute code because of the way libraries are loaded into the process memory. An attacker may trick a victim user into running ldd on malicious files, thus executing code with their privileges.

Report

ldd is not intended to be run on untrusted binaries, so users should be very careful about which files they run ldd on.

Mitigation

Use objdump -p /path/to/program | grep NEEDED instead of ldd when you want to get the library dependencies of an untrusted executable. However, this returns only the direct dependencies of the program, so it must be run manually against each of the needed libraries to get the entire dependency tree as ldd does.
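
The manual walk described above can be scripted. The following is an added example, not part of the Red Hat advisory: it repeats the objdump -p step over every library it can resolve and never invokes ldd or the dynamic loader. The function names and the search directory list are assumptions, and RPATH/RUNPATH, LD_LIBRARY_PATH and ld.so.cache are ignored.

```python
import os
import re
import subprocess
from collections import deque

# Assumed search directories; the real loader also honours RPATH/RUNPATH,
# LD_LIBRARY_PATH and ld.so.cache, which this example does not model.
DEFAULT_DIRS = ("/lib64", "/usr/lib64", "/lib", "/usr/lib",
                "/lib/x86_64-linux-gnu", "/usr/lib/x86_64-linux-gnu")
NEEDED_RE = re.compile(r"^\s*NEEDED\s+(\S+)\s*$", re.MULTILINE)

# Constructed sample of `objdump -p` output, for illustration only.
SAMPLE_OBJDUMP = """\
Dynamic Section:
  NEEDED               libselinux.so.1
  NEEDED               libc.so.6
  INIT                 0x0000000000004000
"""

def parse_needed(objdump_text):
    """Return the DT_NEEDED names from `objdump -p` output (the grep NEEDED step)."""
    return NEEDED_RE.findall(objdump_text)

def objdump_p(path):
    """Dump the headers statically; objdump parses the file and never runs it."""
    res = subprocess.run(["objdump", "-p", "--", path],
                         capture_output=True, text=True, check=False)
    return res.stdout

def resolve(name, dirs):
    """Locate a library by file name in dirs; None when it is not found."""
    for d in dirs:
        candidate = os.path.join(d, name)
        if os.path.isfile(candidate):
            return candidate
    return None

def dependency_tree(program, dirs=DEFAULT_DIRS, dump=objdump_p):
    """Breadth-first walk of DT_NEEDED entries: {library name: path or None}."""
    found, queue = {}, deque([program])
    while queue:
        for name in parse_needed(dump(queue.popleft())):
            if name not in found:          # also stops circular dependencies
                found[name] = resolve(name, dirs)
                if found[name]:
                    queue.append(found[name])
    return found

if __name__ == "__main__":
    import sys
    for lib, path in dependency_tree(sys.argv[1]).items():
        print(f"{lib} => {path or 'not found'}")
```

Libraries reported as "not found" need their directory added to the search list before the walk can continue below them.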

Affected packages

| Platform | Package | State | Recommendation | Release |
| --- | --- | --- | --- | --- |
| Red Hat Enterprise Linux 5 | glibc | Out of support scope | | |
| Red Hat Enterprise Linux 6 | glibc | Out of support scope | | |
| Red Hat Enterprise Linux 7 | glibc | Not affected | | |
| Red Hat Enterprise Linux 8 | glibc | Not affected | | |

Additional information

Status: Low
Defect: CWE-20
https://bugzilla.redhat.com/show_bug.cgi?id=1773916
glibc: running ldd on malicious ELF leads to code execution because of wrong size computation

7.8 High

CVSS3

Related vulnerabilities

CVSS3: 5.4
ubuntu
more than 6 years ago

GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."

CVSS3: 5.4
nvd
more than 6 years ago

GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."

CVSS3: 5.4
debian
more than 6 years ago

GNU Libc current is affected by: Re-mapping current loaded library wit ...

CVSS3: 8.8
github
more than 3 years ago

GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code.

CVSS3: 8.8
fstec
more than 6 years ago

A vulnerability in the libld component of glibc, the library that provides system calls and basic functions, which allows an attacker to execute arbitrary code