diff options
author | Sona Sarmadi <sona.sarmadi@enea.com> | 2016-02-03 11:59:16 +0100 |
---|---|---|
committer | Tudor Florea <tudor.florea@enea.com> | 2016-02-03 22:21:58 +0100 |
commit | 1ad606237b61bc851e25976ba69f458374287f78 (patch) | |
tree | a8897c5c0c1331b16c479dea43e9b16ab8539547 /meta/recipes-devtools/distcc/files | |
parent | a3b82f660c689b3310f1c1d9197cfd7494cc8e5e (diff) | |
download | poky-1ad606237b61bc851e25976ba69f458374287f78.tar.gz |
glibc: CVE-2015-8777
The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or
libc6) before 2.23 allows local users to bypass a pointer-guarding protection
mechanism via a zero value of the LD_POINTER_GUARD environment variable.
(From OE-Core rev: 22570ba08d7c6157aec58764c73b1134405b0252)
References:
https://sourceware.org/bugzilla/show_bug.cgi?id=18928
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8777
Reproducing steps available at:
http://hmarco.org/bugs/glibc_ptr_mangle_weakness.html
CVE request: http://seclists.org/oss-sec/2015/q3/504
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Diffstat (limited to 'meta/recipes-devtools/distcc/files')
0 files changed, 0 insertions, 0 deletions