cbcvebase.
CVE-2015-8777
published 2016-01-20

CVE-2015-8777: The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding protection…

medium5.5CVSS 3.0
AVLACLPRLUINSUCNIHAN
The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LD_POINTER_GUARD environment variable.

Affected

8 ranges
VendorProductVersion rangeFixed in
debianglibc< glibc 2.21-1 (bookworm)glibc 2.21-1 (bookworm)
eglibceglibc>= 0 < 2.19-0ubuntu6.82.19-0ubuntu6.8
eglibceglibc>= 0 < 2.19-0ubuntu6.92.19-0ubuntu6.9
gnuglibc<= 2.22
gnuglibc>= 0 < 2.21-12.21-1
gnuglibc>= 0 < 2.21-12.21-1
gnuglibc>= 0 < 2.21-12.21-1
gnuglibc>= 0 < 2.21-12.21-1

CVSS provenance

nvdv3.05.5MEDIUMCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
osv5.5MEDIUM