Lucene search

K
broadcomBroadcom Security ResponseBSNSA22987
HistoryJan 17, 2024 - 12:00 a.m.

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so

2024-01-1700:00:00
Broadcom Security Response
support.broadcom.com
14
buffer overflow
gnu c library
ld.so
dynamic loader
glibc_tunables
environment variable
local attacker
elevated privileges
suid permission

AI Score

7.6

Confidence

High

EPSS

0.016

Percentile

87.4%

A buffer overflow was discovered in the GNU C Library’s dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.