Summary: | <sys-libs/glibc-2.11.2: Arbitrary code execution (CVE-2010-0830) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Stefan Behte (RETIRED) <craig> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | blocker | ||
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://sourceware.org/git/?p=glibc.git;a=commit;h=db07e962b6ea963dbb345439f6ab9b0cf74d87c5 | ||
Whiteboard: | A2 [glsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 318503 | ||
Bug Blocks: |
Description
Stefan Behte (RETIRED)
this is already in glibc-2.11.2 which is already in the tree

CVE-2010-0830 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0830): Integer signedness error in the elf_get_dynamic_info function in elf/dynamic-link.h in ld.so in the GNU C Library (aka glibc or libc6) 2.0.1 through 2.11.1, when the --verify option is used, allows user-assisted remote attackers to execute arbitrary code via a crafted ELF program with a negative value for a certain d_tag structure member in the ELF header.

GLSA will be filed together with #285818.

This is GLSA 201011-01, thanks everyone, and sorry about the delay.

CVE-2011-1071 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1071): The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC (EGLIBC) allow context-dependent attackers to execute arbitrary code or cause a denial of service (memory consumption) via a long UTF8 string that is used in an fnmatch call, aka a "stack extension attack," a related issue to CVE-2010-2898, CVE-2010-1917, and CVE-2007-4782, as originally reported for use of this library by Google Chrome.

Sorry about the last comment, wrong bug.
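The bug class named in the CVE-2010-0830 text above (a signed `d_tag` compared against a table size), as an added illustration that is not glibc's code and not part of the original bug report. The struct, constants and function names are hypothetical, the sample entries are constructed, and the indexing logic is reduced to the single bounds check.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-in for a 64-bit ELF dynamic entry: d_tag is signed. */
typedef struct { int64_t d_tag; uint64_t d_val; } demo_dyn;

#define DEMO_DT_NULL 0
#define DEMO_DT_NUM  34  /* constructed table size for this example */

/* Signed compare: any negative tag satisfies "< DEMO_DT_NUM", so it would be
 * accepted as a table index. Reports the decision only; no access is made. */
static int signed_check_accepts(int64_t tag) { return tag < DEMO_DT_NUM; }

/* Unsigned compare: a negative tag converts to a huge value and is rejected. */
static int unsigned_check_accepts(int64_t tag) { return (uint64_t)tag < DEMO_DT_NUM; }

/* Index entries up to DT_NULL with the unsigned check; return how many were
 * skipped. Simplified: a real loader also handles higher tag ranges. */
static size_t index_dynamic(const demo_dyn *dyn, size_t n,
                            const demo_dyn *info[DEMO_DT_NUM])
{
    size_t skipped = 0;
    for (size_t i = 0; i < n && dyn[i].d_tag != DEMO_DT_NULL; i++) {
        if (unsigned_check_accepts(dyn[i].d_tag))
            info[dyn[i].d_tag] = &dyn[i];
        else
            skipped++;
    }
    return skipped;
}

/* Constructed sample: two in-range tags, two negative tags, terminator. */
static const demo_dyn sample[] = {
    {1, 0x10}, {-3, 0}, {5, 0x2000}, {INT64_MIN, 0}, {DEMO_DT_NULL, 0}
};

static size_t demo_skipped(void)
{
    const demo_dyn *info[DEMO_DT_NUM] = {0};
    return index_dynamic(sample, sizeof sample / sizeof sample[0], info);
}

int main(void)
{
    printf("signed accepts -3: %d, unsigned accepts -3: %d, skipped: %zu\n",
           signed_check_accepts(-3), unsigned_check_accepts(-3), demo_skipped());
    return 0;
}
```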