8.1 High
AI Score
Confidence
High
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
29.8%
Tavis Ormandy discovered multiple flaws in the GNU C Library’s handling
of the LD_AUDIT environment variable when running a privileged binary. A
local attacker could exploit this to gain root privileges. (CVE-2010-3847,
CVE-2010-3856)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 9.10 | noarch | libc6 | < 2.10.1-0ubuntu18 | UNKNOWN |
Ubuntu | 9.10 | noarch | libc-bin | < 2.10.1-0ubuntu18 | UNKNOWN |
Ubuntu | 9.10 | noarch | libc-dev-bin | < 2.10.1-0ubuntu18 | UNKNOWN |
Ubuntu | 9.10 | noarch | libc6-dbg | < 2.10.1-0ubuntu18 | UNKNOWN |
Ubuntu | 9.10 | noarch | libc6-dev | < 2.10.1-0ubuntu18 | UNKNOWN |
Ubuntu | 9.10 | noarch | libc6-dev-i386 | < 2.10.1-0ubuntu18 | UNKNOWN |
Ubuntu | 9.10 | noarch | libc6-i386 | < 2.10.1-0ubuntu18 | UNKNOWN |
Ubuntu | 9.10 | noarch | libc6-pic | < 2.10.1-0ubuntu18 | UNKNOWN |
Ubuntu | 9.10 | noarch | libc6-prof | < 2.10.1-0ubuntu18 | UNKNOWN |
Ubuntu | 9.10 | noarch | libc6-udeb | < 2.10.1-0ubuntu18 | UNKNOWN |