THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Zendesk (Helpdesk and Chat)

Ok

PUBLISHED

CVE-2019-1010023

Assigner:dwf (7556d962-6fb7-411e-85fa-6cd62f095ba8)
Reserved:2019-03-20
Published:2019-07-15
Updated:2024-06-11

Description

GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat.

Problem types

Re-mapping current loaded libray with malicious ELF file

Product status

current (At least as of 2018-02-16)
affected

References

https://sourceware.org/bugzilla/show_bug.cgi?id=22851

http://www.securityfocus.com/bid/109167 (109167) vdb-entry

https://support.f5.com/csp/article/K11932200?utm_source=f5support&%3Butm_medium=RSS

https://security-tracker.debian.org/tracker/CVE-2019-1010023 (CVE-2019-1010023) vendor-advisory

https://ubuntu.com/security/CVE-2019-1010023 (CVE-2019-1010023) vendor-advisory

cve.org CVE-2019-1010023

nvd.nist.gov CVE-2019-1010023

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2019-1010023