glibc: CVE-2015-8777 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Sona Sarmadi <sona.sarmadi@enea.com>	2016-02-03 11:59:16 +0100
committer	Tudor Florea <tudor.florea@enea.com>	2016-02-03 22:21:58 +0100
commit	1ad606237b61bc851e25976ba69f458374287f78 (patch)
tree	a8897c5c0c1331b16c479dea43e9b16ab8539547 /meta/recipes-core/glibc/glibc/CVE-2015-8778.patch
parent	a3b82f660c689b3310f1c1d9197cfd7494cc8e5e (diff)
download	poky-1ad606237b61bc851e25976ba69f458374287f78.tar.gz

glibc: CVE-2015-8777

The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LD_POINTER_GUARD environment variable. (From OE-Core rev: 22570ba08d7c6157aec58764c73b1134405b0252) References: https://sourceware.org/bugzilla/show_bug.cgi?id=18928 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8777 Reproducing steps available at: http://hmarco.org/bugs/glibc_ptr_mangle_weakness.html CVE request: http://seclists.org/oss-sec/2015/q3/504 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>

Diffstat (limited to 'meta/recipes-core/glibc/glibc/CVE-2015-8778.patch')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: