Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2017-1000366

CWE-119 — Buffer Overflow CWE-400 — Uncontrolled Resource Consumption CWE-120 — Classic Buffer Overflow17 documents9 sources

Severity

7.8HIGH

EPSS

7.6%

top 8.14%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

GNU Glibc Mcafee WEB Gateway Debian Debian Linux +17 more

Timeline

PublishedJun 19

Latest updateMay 13

Description

glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages13 packages

▶Debianglibc< 2.24-12+3

▶NVDgnu/glibc2.25

▶NVDopenstack/cloud_magnum_orchestration7

▶NVDmcafee/web_gateway7.7.0.0 — 7.7.2.2+1

▶NVDopensuse/leap42.2

Also affects: Debian Linux 8.0, 9.0, Linux Enterprise 12, Enterprise Linux 5, 6.0, 7.0, 5.9, 6.2, 6.4, 6.5, 6.6, 7.2, 7.3, 7.4, 7.6, 6.7, 7.5

Patches

Patch: kc.mcafee.com ↗Patch: kc.mcafee.com ↗

🔴Vulnerability Details

GHSA

GHSA-45fw-2mcw-h3gw: glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially r↗2022-05-13

▶

CVEList

CVE-2017-1000366: glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially r↗2017-06-19

▶

OSV

CVE-2017-1000366: glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially r↗2017-06-19

▶

💥Exploits & PoCs

Exploit-DB

Linux Kernel (Debian 7.7/8.5/9.0 / Ubuntu 14.04.2/16.04.2/17.04 / Fedora 22/25 / CentOS 7.3.1611) - 'ldso_hwcap_64 Stack Clash' Local Privilege Escalation↗2017-06-28

▶

Exploit-DB

Linux Kernel (Debian 9/10 / Ubuntu 14.04.5/16.04.2/17.04 / Fedora 23/24/25) - 'ldso_dynamic Stack Clash' Local Privilege Escalation↗2017-06-28

▶

Exploit-DB

Linux Kernel (Debian 7/8/9/10 / Fedora 23/24/25 / CentOS 5.3/5.11/6.0/6.8/7.2.1511) - 'ldso_hwcap Stack Clash' Local Privilege Escalation↗2017-06-28

▶

📋Vendor Advisories

Red Hat

glibc: Memory leak reachable via LD_HWCAP_MASK↗2017-12-11

▶

Red Hat

glibc: Buffer overflow triggerable via LD_LIBRARY_PATH↗2017-12-11

▶

Ubuntu

GNU C Library vulnerability↗2017-06-29

▶

Red Hat

glibc: heap/stack gap jumping via unbounded stack allocations↗2017-06-19

▶

Ubuntu

GNU C Library vulnerability↗2017-06-19

▶

💬Community

Bugzilla

CVE-2017-1000408 glibc: Memory leak reachable via LD_HWCAP_MASK↗2017-12-06

▶

Bugzilla

CVE-2017-1000409 glibc: Buffer overflow triggerable via LD_LIBRARY_PATH↗2017-12-06

▶

Bugzilla

CVE-2017-1000366 glibc: heap/stack gap jumping via unbounded stack allocations [fedora-all]↗2017-06-19

▶

Bugzilla

CVE-2017-1000366 glibc: heap/stack gap jumping via unbounded stack allocations↗2017-05-19

▶