PT-2010-5231 · Gromacs Development Team · Gromacs

Ludwig Nussel +1 · Published 2010-11-05 · Updated 2024-08-07 · CVE-2010-4001

CVSS v2.0: 4.6 (Medium)

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Gromacs versions 4.5.1 and earlier

Description

The issue allows local users to gain privileges via a Trojan horse shared library in the current working directory. This is due to GMXRC.bash placing a zero-length directory name in LD_LIBRARY_PATH, which the dynamic linker interprets as the current working directory. The severity of this issue is disputed, however, because the GMXLDLIB value is always added to the beginning of LD_LIBRARY_PATH at a later point in the script.

Recommendations

For Gromacs versions 4.5.1 and earlier, consider restricting access to the LD_LIBRARY_PATH to minimize the risk of exploitation. As a temporary workaround, avoid using shared libraries in the current working directory until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
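
The following added example (not code from GMXRC.bash or the Gromacs project) shows how an unconditional `dir:$LD_LIBRARY_PATH` join produces a zero-length entry, next to a join and a check that avoid it. The function names, the `/opt/gromacs/lib` path and the sample values are constructed for illustration.

```shell
#!/bin/sh
# Added example (not Gromacs code); function names and sample values are constructed.

# Succeeds if a colon-separated search path contains a zero-length entry:
# a leading colon, a trailing colon, or "::".
has_empty_entry() {
    case "$1" in
        :*|*:|*::*) return 0 ;;
        *)          return 1 ;;
    esac
}

# Print PATHLIST with zero-length entries dropped and order preserved.
strip_empty_entries() {
    see_rest=$1
    see_out=
    while [ -n "$see_rest" ]; do
        case "$see_rest" in
            *:*) see_entry=${see_rest%%:*}; see_rest=${see_rest#*:} ;;
            *)   see_entry=$see_rest; see_rest= ;;
        esac
        if [ -n "$see_entry" ]; then
            see_out="${see_out:+$see_out:}$see_entry"
        fi
    done
    printf '%s\n' "$see_out"
}

# Weak pattern: unconditional join leaves a trailing colon when CURRENT is empty.
naive_prepend() {
    printf '%s\n' "$1:$2"
}

# Hardened pattern: add the separator only when something follows it.
safe_prepend() {
    sp_clean=$(strip_empty_entries "$2")
    printf '%s\n' "$1${sp_clean:+:$sp_clean}"
}

# Demo on constructed values: an empty variable and an already polluted one.
for current in "" ":/usr/local/lib::/opt/x:"; do
    weak=$(naive_prepend /opt/gromacs/lib "$current")
    safe=$(safe_prepend /opt/gromacs/lib "$current")
    if has_empty_entry "$weak"; then flag="empty entry"; else flag="clean"; fi
    printf 'weak=%s (%s)\nsafe=%s\n' "$weak" "$flag" "$safe"
done
```

Running `has_empty_entry "$LD_LIBRARY_PATH"` after sourcing an environment script is a quick way to check whether that script left such an entry behind.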

Weakness Enumeration

Related Identifiers

CVE-2010-4001
OPENSUSE-SU-2024:10577-1

Affected Products

Gromacs