Library Remapping Vulnerability in GNU Libc by GNU Project
CVE-2019-1010023

8.8HIGH

Key Information:

Vendor

Gnu Libc

Status
Glibc
Vendor
CVE Published:
15 July 2019

What is CVE-2019-1010023?

GNU Libc current is susceptible to a malicious library remapping attack where an attacker sends specially crafted ELF files to a victim. If the victim runs the 'ldd' command on the files, it can execute unauthorized code, potentially allowing the attacker to escalate privileges. Despite these risks, some upstream comments suggest that the issue is being treated as a non-security bug, indicating that there may be limited initial recognition of its severity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

glibc current (At least as of 2018-02-16)

References

https://sourceware.org/bugzilla/show_bug.cgi?id=22851
x_refsource_MISC
http://www.securityfocus.com/bid/109167
vdb-entryx_refsource_BID
https://support.f5.com/csp/article/K11932200?utm_source=f...
x_refsource_CONFIRM

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.