Описание
Integer signedness error in the elf_get_dynamic_info function in elf/dynamic-link.h in ld.so in the GNU C Library (aka glibc or libc6) 2.0.1 through 2.11.1, when the --verify option is used, allows user-assisted remote attackers to execute arbitrary code via a crafted ELF program with a negative value for a certain d_tag structure member in the ELF header.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | |
| hardy | DNE | |
| intrepid | DNE | |
| jaunty | DNE | |
| karmic | released | 2.10.1-0ubuntu17 |
| lucid | released | 2.11.1-0ubuntu7.1 |
| upstream | needed |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 2.3.6-0ubuntu20.6 |
| devel | DNE | |
| hardy | released | 2.7-10ubuntu6 |
| intrepid | ignored | end of life, was needed |
| jaunty | released | 2.9-4ubuntu6.2 |
| karmic | DNE | |
| lucid | DNE | |
| upstream | needed |
Показывать по
5.1 Medium
CVSS2
Связанные уязвимости
Integer signedness error in the elf_get_dynamic_info function in elf/dynamic-link.h in ld.so in the GNU C Library (aka glibc or libc6) 2.0.1 through 2.11.1, when the --verify option is used, allows user-assisted remote attackers to execute arbitrary code via a crafted ELF program with a negative value for a certain d_tag structure member in the ELF header.
Integer signedness error in the elf_get_dynamic_info function in elf/dynamic-link.h in ld.so in the GNU C Library (aka glibc or libc6) 2.0.1 through 2.11.1, when the --verify option is used, allows user-assisted remote attackers to execute arbitrary code via a crafted ELF program with a negative value for a certain d_tag structure member in the ELF header.
Integer signedness error in the elf_get_dynamic_info function in elf/d ...
Integer signedness error in the elf_get_dynamic_info function in elf/dynamic-link.h in ld.so in the GNU C Library (aka glibc or libc6) 2.0.1 through 2.11.1, when the --verify option is used, allows user-assisted remote attackers to execute arbitrary code via a crafted ELF program with a negative value for a certain d_tag structure member in the ELF header.
Уязвимость библиотеки, обеспечивающей системные вызовы и основные функции, glibc, позволяющая нарушителю выполнить произвольный код
5.1 Medium
CVSS2