ID CVE-2007-3508
Summary ** DISPUTED ** Integer overflow in the process_envvars function in elf/rtld.c in glibc before 2.5-rc4 might allow local users to execute arbitrary code via a large LD_HWCAP_MASK environment variable value. NOTE: the glibc maintainers state that they do not believe that this issue is exploitable for code execution.
References
Vulnerable Configurations
  • cpe:2.3:a:gentoo:glibc:2.5:r3:*:*:*:*:*:*
    cpe:2.3:a:gentoo:glibc:2.5:r3:*:*:*:*:*:*
CVSS
Base: 7.2 (as of 29-07-2017 - 01:32)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 24758
confirm http://bugs.gentoo.org/show_bug.cgi?id=183844
gentoo GLSA-200707-04
misc http://sources.gentoo.org/viewcvs.py/gentoo/src/patchsets/glibc/2.5/1600_all_glibc-hwcap-mask-secure.patch?rev=1.1&view=markup
mlist [libc-hacker] [PATCH] Fix LD_HWCAP_MASK handling
osvdb 37901
sectrack 1018334
secunia 25864
vupen ADV-2007-2418
xf glibc-envvars-overflow(35240)
statements via4
  • contributor Vincent Danen
    lastmodified 2007-09-17
    organization Mandriva
    statement Based on the analysis of Red Hat and several Glibc developers, Mandriva does not believe this to be exploitable.
  • contributor Joshua Bressers
    lastmodified 2007-07-05
    organization Red Hat
    statement After careful analysis by Red Hat and several Glibc developers, it has been determined that this bug is not exploitable. For more information please see Red Hat Bugzilla bug #247208 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=247208
Last major update 29-07-2017 - 01:32
Published 03-07-2007 - 21:30
Last modified 29-07-2017 - 01:32
Back to Top