6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
glibc is vulnerable to privilege escalation. The fix for CVE-2010-3847 introduced a regression in the way the dynamic loader expanded the $ORIGIN dynamic string token specified in the RPATH and RUNPATH entries in the ELF library header. A local attacker could use this flaw to escalate their privileges via a setuid or setgid program using such a library.
lists.debian.org/debian-security-announce/2011/msg00005.html
openwall.com/lists/oss-security/2011/02/01/3
openwall.com/lists/oss-security/2011/02/03/2
secunia.com/advisories/43830
secunia.com/advisories/43989
secunia.com/advisories/46397
securitytracker.com/id?1025289
sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=96611391ad8823ba58405325d78cefeae5cdf699
sourceware.org/git/?p=glibc.git;a=commit;h=96611391ad8823ba58405325d78cefeae5cdf699
www.mandriva.com/security/advisories?name=MDVSA-2011:178
www.redhat.com/support/errata/RHSA-2011-0412.html
www.redhat.com/support/errata/RHSA-2011-0413.html
www.securityfocus.com/archive/1/520102/100/0/threaded
www.ubuntu.com/usn/USN-1009-2
www.vmware.com/security/advisories/VMSA-2011-0012.html
www.vupen.com/english/advisories/2011/0863
access.redhat.com/errata/RHSA-2011:0412
access.redhat.com/errata/RHSA-2011:0413
access.redhat.com/security/cve/CVE-2011-0536
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=667974
launchpad.net/bugs/701783
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13086