2 matches found
FreeBSD rtld execl elevation of privilege vulnerability (CNVD-2019-15522)
FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. An elevation of privilege vulnerability exists in the rtld function of Run-Time Link-Editor rtld in libexec/rtld-elf/rtld.c in FreeBSD versions 7.1 and 8.0. The vulnerability stems from a lack of effective...
CVE-2009-4147
The rtld function in the Run-Time Link-Editor rtld in libexec/rtld-elf/rtld.c in FreeBSD 7.1 and 8.0 does not clear the 1 LDLIBMAP, 2 LDLIBRARYPATH, 3 LDLIBMAPDISABLE, 4 LDDEBUG, and 5 LDELFHINTSPATH environment variables, which allows local users to gain privileges by executing a setuid or setgu...