SB2010111502 - Gentoo update for GNU C library

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2010111502

SB2010111502 - Gentoo update for GNU C library

Published: November 15, 2010 Updated: June 28, 2025

Security Bulletin ID SB2010111502
Severity
High
Patch available
YES
Number of vulnerabilities 6
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 33% Medium 50% Low 17%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 6 secuirty vulnerabilities.


1) Input validation error (CVE-ID: CVE-2009-4880)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

Multiple integer overflows in the strfmon implementation in the GNU C Library (aka glibc or libc6) 2.10.1 and earlier allow context-dependent attackers to cause a denial of service (memory consumption or application crash) via a crafted format string, as demonstrated by a crafted first argument to the money_format function in PHP, a related issue to CVE-2008-1391.


2) Input validation error (CVE-ID: CVE-2009-4881)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

Integer overflow in the __vstrfmon_l function in stdlib/strfmon_l.c in the strfmon implementation in the GNU C Library (aka glibc or libc6) before 2.10.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted format string, as demonstrated by the %99999999999999999999n string, a related issue to CVE-2008-1391.


3) Input validation error (CVE-ID: CVE-2010-0296)

The vulnerability allows a local user to execute arbitrary code.

The encode_name macro in misc/mntent_r.c in the GNU C Library (aka glibc or libc6) 2.11.1 and earlier, as used by ncpmount and mount.cifs, does not properly handle newline characters in mountpoint names, which allows local users to cause a denial of service (mtab corruption), or possibly modify mount options and gain privileges, via a crafted mount request.


4) Input validation error (CVE-ID: CVE-2010-0830)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Integer signedness error in the elf_get_dynamic_info function in elf/dynamic-link.h in ld.so in the GNU C Library (aka glibc or libc6) 2.0.1 through 2.11.1, when the --verify option is used, allows user-assisted remote attackers to execute arbitrary code via a crafted ELF program with a negative value for a certain d_tag structure member in the ELF header.


5) Link following (CVE-ID: CVE-2010-3847)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the LD_AUDIT environment variable, which allows local users to gain privileges via a crafted dynamic shared object (DSO) located in an arbitrary directory.


6) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2010-3856)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_AUDIT environment variable to reference dynamic shared objects (DSOs) as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a trusted library directory, as demonstrated by libpcprofile.so.


Remediation

Install update from vendor's website.

References