Astra Linux - уязвимость в glibc

A vulnerable environment variable in the Untrusted LDLIBRARYPATH setting in the GNU C Library, versions 2.27 to 2.38, allows attackers to control the loading of dynamically shared libraries in statically compiled setuid binaries that call dlopen including internal dlopen calls after setlocale or...

CVE-2026-40031 MemProcFS < 5.17 DLL/Shared Library Hijacking

MemProcFS before 5.17 contains multiple unsafe library-loading patterns that enable DLL and shared-library hijacking across six attack surfaces, including bare-name LoadLibraryU and dlopen calls without path qualification for vmmpyc, libMSCompression, and plugin DLLs. An attacker who places a...

MiracleLinux 7 : glibc-2.17-157.el7.4 (AXSA:2017-1702:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-1702:02 advisory. The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make...

MiracleLinux 4 : glibc-2.12-1.209.AXS4.2 (AXSA:2017-1703:03)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-1703:03 advisory. Security issues fixed with this release: CVE-2017-1000366 glibc contains a vulnerability that allows specially crafted LDLIBRARYPATH values to manipulate the...

MiracleLinux 9 : glibc-2.34-168.el9_6.19 (AXSA:2025-10672:12)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10672:12 advisory. glibc: static setuid binary dlopen may incorrectly search LDLIBRARYPATH CVE-2025-4802 Tenable has extracted the preceding description block directly from th...

TencentOS Server 4: glibc (TSSA-2025:0403)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0403 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2025-2160)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl.

...

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2025-1906)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important: glibc

Issue Overview: Untrusted LDLIBRARYPATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen including internal dlopen calls after setlocale or calls to...

glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH

A flaw was found in the glibc library. A statically linked setuid binary that calls dlopen, including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo, may incorrectly search LDLIBRARYPATH to determine which library to load, allowing a local attacker to load...

Security update for glibc

This update for glibc fixes the following issues: CVE-2025-4802: possible execution of attacker controlled code when statically linked setuid binaries using dlopen search for libraries to load in LDLIBRARYPATH bsc1243317. Patch Instructions: To install this SUSE update use the SUSE recommended...

Security update for glibc

This update for glibc fixes the following issues: CVE-2025-4802: elf: Ignore LDLIBRARYPATH and debug env var for setuid for static bsc1243317 pthreads NPTL: lost wakeup fix 2 bsc1234128, BZ 25847 Mark functions in libcnonshared.a as hidden bsc1239883 Linux: Switch back to assembly syscall wrapper...

SUSE-SU-2025:20332-1 Security update for glibc

This update for glibc fixes the following issues: - CVE-2025-4802: Fixed local root exploits when using static built setuid root applications. elf: Ignore LDLIBRARYPATH and debug env var for setuid for static bsc1243317 - pthreads NPTL: lost wakeup fix 2 bsc1234128, BZ 25847 - Mark functions in...

PT-2025-21753

Name of the Vulnerable Software and Affected Versions GNU C Library versions 2.27 through 2.38 Description An issue exists in the GNU C Library where the LD LIBRARY PATH environment variable is incorrectly searched to determine which library to load when a statically linked setuid binary calls th...

SUSE CVE-2024-41817

ImageMagick is a free and open-source software suite, used for editing and manipulating digital images. The AppImage version ImageMagick might use an empty path when setting MAGICKCONFIGUREPATH and LDLIBRARYPATH environment variables while executing, which might lead to arbitrary code execution b...

PT-2023-23233 · Checkmk · Checkmk

Name of the Vulnerable Software and Affected Versions: Checkmk versions 2.2.0p10 through 2.2.0p16 Description: The issue concerns the usage of user-controlled LD LIBRARY PATH in the agent of Checkmk, allowing a malicious Checkmk site user to escalate rights via the injection of malicious librarie...

SUSE CVE-2010-3351

startBristol in Bristol 0.60.5 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

SUSE CVE-2010-3355

Ember 0.5.7 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

SUSE CVE-2010-3363

roarify in roaraudio 0.3 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...