Описание
GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-infra-legacy/trusty | ignored | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| precise/esm | ignored | |
| trusty | ignored | end of standard support |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | |
| cosmic | ignored | end of life |
| devel | ignored | |
| disco | ignored | end of life |
| eoan | ignored | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | ignored | |
| esm-infra/focal | ignored | |
| esm-infra/xenial | ignored | |
| focal | ignored |
Показывать по
Ссылки на источники
EPSS
6.8 Medium
CVSS2
5.4 Medium
CVSS3
Связанные уязвимости
GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat.
GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat.
GNU Libc current is affected by: Re-mapping current loaded library wit ...
GNU Libc current is affected by: Re-mapping current loaded libray with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code.
Уязвимость компонента libld библиотеки, обеспечивающей системные вызовы и основные функции, glibc, позволяющая нарушителю выполнить произвольный код
EPSS
6.8 Medium
CVSS2
5.4 Medium
CVSS3