PT-2016-4015 · Gnu+5 · Glibc+5

Hector Marco-Gisbert

Publicado

2016-01-20

Atualizado

2024-06-15

CVE-2015-8777

CVSS v3.1

5.5

Média

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions glibc versions prior to 2.23

Description The issue allows local users to bypass a pointer-guarding protection mechanism. This is achieved by setting the LD POINTER GUARD environment variable to a zero value, which is processed by the process envvars function in elf/rtld.c.

Recommendations For versions prior to 2.23, update to version 2.23 or later to resolve the issue.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-254

Identificadores relacionados

ALT-PU-2016-1135

CESA-2017_1916

CVE-2015-8777

DLA-316-1

DSA-3480-1

MGASA-2016-0079

OPENSUSE-SU-2016_0490-1

OPENSUSE-SU-2024:10154-1

RHSA-2017:1916

RHSA-2017_1916

SUSE-SU-2016:0470-1

SUSE-SU-2016:0471-1

SUSE-SU-2016:0472-1

SUSE-SU-2016:0473-1

SUSE-SU-2016:0748-1

SUSE-SU-2016:0778-1

SUSE-SU-2016:0786-1

USN-2985-1

USN-2985-2

Produtos afetados

Alt Linux

Centos

Red Hat

Suse

Ubuntu

Glibc

PT-2016-4015 · Gnu+5 · Glibc+5

CVE-2015-8777

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 147