CVE-2007-3508 - Integer overflow in the process_envvars function in elf/rtld.c in glibc before 2.5-rc4 might allow l

CVE-2007-3508

Summary

Integer overflow in the process_envvars function in elf/rtld.c in glibc before 2.5-rc4 might allow local users to execute arbitrary code via a large LD_HWCAP_MASK environment variable value. NOTE: the glibc maintainers state that they do not believe that this issue is exploitable for code execution

References

Vulnerable Configurations

cpe:2.3:a:gentoo:glibc:2.5:r3:*:*:*:*:*:*
cpe:2.3:a:gentoo:glibc:2.5:r3:*:*:*:*:*:*

CVSS

Base:	7.2 (as of 07-08-2024 - 15:15)
Impact:
Exploitability:

CWE

CWE-189

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bid	24758
confirm	http://bugs.gentoo.org/show_bug.cgi?id=183844
gentoo	GLSA-200707-04
misc	http://sources.gentoo.org/viewcvs.py/gentoo/src/patchsets/glibc/2.5/1600_all_glibc-hwcap-mask-secure.patch?rev=1.1&view=markup
mlist	[libc-hacker] [PATCH] Fix LD_HWCAP_MASK handling
osvdb	37901
sectrack	1018334
secunia	25864
vupen	ADV-2007-2418
xf	glibc-envvars-overflow(35240)

statements via4

contributor Vincent Danen
lastmodified 2007-09-17
organization Mandriva
statement Based on the analysis of Red Hat and several Glibc developers, Mandriva does not believe this to be exploitable.

contributor	Joshua Bressers
lastmodified	2007-07-05
organization	Red Hat
statement	After careful analysis by Red Hat and several Glibc developers, it has been determined that this bug is not exploitable. For more information please see Red Hat Bugzilla bug #247208 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=247208

Last major update

07-08-2024 - 15:15

Published

03-07-2007 - 21:30

Last modified

07-08-2024 - 15:15