3209 matches found
CVE-2002-1896
Buffer overflow in Alsaplayer 0.99.71, when installed setuid root, allows local users to execute arbitrary code via a long 1 -f or 2 -o command line argument...
CVE-2001-1551
Linux kernel 2.2.19 enables CAPSYSRESOURCE for setuid processes, which allows local users to exceed disk quota restrictions during execution of setuid programs...
CVE-1999-0462
suidperl in Linux Perl does not check the nosuid mount option on file systems, allowing local users to gain root access by placing a setuid script in a mountable file system, e.g. a CD-ROM or floppy disk...
Security update for glibc
This update for glibc fixes the following issues: CVE-2025-4802: Fixed local root exploits when using static built setuid root applications. elf: Ignore LDLIBRARYPATH and debug env var for setuid for static bsc1243317 pthreads NPTL: lost wakeup fix 2 bsc1234128, BZ 25847 Mark functions in...
SUSE-SU-2025:20332-1 Security update for glibc
This update for glibc fixes the following issues: - CVE-2025-4802: Fixed local root exploits when using static built setuid root applications. elf: Ignore LDLIBRARYPATH and debug env var for setuid for static bsc1243317 - pthreads NPTL: lost wakeup fix 2 bsc1234128, BZ 25847 - Mark functions in...
[slackware-security] glibc
New glibc packages are available for Slackware 15.0 to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/aaaglibc-solibs-2.33-i586-8slack15.0.txz: Rebuilt. patches/packages/glibc-2.33-i586-8slack15.0.txz: Rebuilt. This update fixes a security issue: el...
SUSE CVE-2025-4802
Untrusted LDLIBRARYPATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen including internal dlopen calls after setlocale or calls to NSS functions...
📄 Automic Automation Agent Unix Privilege Escalation
An agent configured to run in privileged mode using the SetUID-Bit can be used to escalate privileges, by supplying an ini file with the "authentication" option set to "PAM" and the "libName" option set to a shared object file controlled by the attacker. The shared object will be loaded in an...
CVE-2025-4802
A flaw was found in the glibc library. A statically linked setuid binary that calls dlopen, including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo, may incorrectly search LDLIBRARYPATH to determine which library to load, allowing a local attacker to load...
AZL-61873 CVE-2025-4802 affecting package glibc 2.35-10
Untrusted LDLIBRARYPATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen including internal dlopen calls after setlocale or calls to NSS functions...
DEBIAN-CVE-2025-4802
Untrusted LDLIBRARYPATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen including internal dlopen calls after setlocale or calls to NSS functions...
CVE-2025-4802
Untrusted LDLIBRARYPATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen including internal dlopen calls after setlocale or calls to NSS functions...
AZL-61877 CVE-2025-4802 affecting package glibc for versions less than 2.38-14
Untrusted LDLIBRARYPATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen including internal dlopen calls after setlocale or calls to NSS functions...
CVE-2025-4802
Untrusted LDLIBRARYPATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen including internal dlopen calls after setlocale or calls to NSS functions...
UBUNTU-CVE-2025-4802
Untrusted LDLIBRARYPATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen including internal dlopen calls after setlocale or calls to NSS functions...
CVE-2025-4802
CVE-2025-4802 affects the GNU C Library (glibc) versions 2.27–2.38. The issue is an untrusted LD_LIBRARY_PATH vulnerability that enables attacker-controlled loading of dynamically-linked libraries by statically compiled setuid binaries that call dlopen (including internal dlopen calls after setlo...
CVE-2025-4802
Untrusted LDLIBRARYPATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen including internal dlopen calls after setlocale or calls to NSS functions...
PT-2025-21753
Name of the Vulnerable Software and Affected Versions GNU C Library versions 2.27 through 2.38 Description An issue exists in the GNU C Library where the LD LIBRARY PATH environment variable is incorrectly searched to determine which library to load when a statically linked setuid binary calls th...
kernel: exec: Fix ToCToU between perm check and set-uid/gid usage
A vulnerability was found in the Linux kernel. The fix addresses a race condition during file execution exec, where a file’s permissions could change between an initial check and execution, potentially allowing unauthorized privilege escalation. Specifically, a non-privileged user could gain root...
SUSE CVE-2025-23395
Screen 5.0.0 when it runs with setuid-root privileges does not drop privileges while operating on a user supplied path. This allows unprivileged users to create files in arbitrary locations with root ownership, the invoking user's real group ownership and file mode 0644. All data written to the...