CVE-2007-3508 - OpenCVE

Integer overflow in the process_envvars function in elf/rtld.c in glibc before 2.5-rc4 might allow local users to execute arbitrary code via a large LD_HWCAP_MASK environment variable value. NOTE: the glibc maintainers state that they do not believe that this issue is exploitable for code execution

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Gentoo	Glibc

Configuration 1 [-]

cpe:2.3:a:gentoo:glibc:*:r3:*:*:*:*:*:*

No data.

References

Link	Providers
http://bugs.gentoo.org/show_bug.cgi?id=183844
http://osvdb.org/37901
http://secunia.com/advisories/25864
http://security.gentoo.org/glsa/glsa-200707-04.xml
http://sources.gentoo.org/viewcvs.py/gentoo/src/patchsets/glibc/2.5/1600_all_glibc-hwcap-mask-secure.patch?rev=1.1&view=markup
http://www.securityfocus.com/bid/24758
http://www.securitytracker.com/id?1018334
http://www.sourceware.org/ml/libc-hacker/2007-07/msg00001.html
http://www.vupen.com/english/advisories/2007/2418
https://exchange.xforce.ibmcloud.com/vulnerabilities/35240
https://nvd.nist.gov/vuln/detail/CVE-2007-3508
https://www.cve.org/CVERecord?id=CVE-2007-3508

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-07-03T21:00:00

Updated: 2024-08-07T14:21:36.462Z

Reserved: 2007-07-02T00:00:00

Link: CVE-2007-3508

Vulnrichment

No data.

NVD

Status : Modified

Published: 2007-07-03T21:30:00.000

Modified: 2024-08-07T15:15:32.720

Link: CVE-2007-3508

Redhat

Severity :

Publid Date: 2007-07-03T00:00:00Z

Links: CVE-2007-3508 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-07-01T00:00:00", "descriptions": [{"lang": "en", "value": "Integer overflow in the process_envvars function in elf/rtld.c in glibc before 2.5-rc4 might allow local users to execute arbitrary code via a large LD_HWCAP_MASK environment variable value. NOTE: the glibc maintainers state that they do not believe that this issue is exploitable for code execution"}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "24758", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/24758"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://bugs.gentoo.org/show_bug.cgi?id=183844"}, {"name": "[libc-hacker] [PATCH] Fix LD_HWCAP_MASK handling", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.sourceware.org/ml/libc-hacker/2007-07/msg00001.html"}, {"name": "ADV-2007-2418", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/2418"}, {"name": "glibc-envvars-overflow(35240)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35240"}, {"name": "37901", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/37901"}, {"name": "1018334", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1018334"}, {"name": "25864", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25864"}, {"name": "GLSA-200707-04", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200707-04.xml"}, {"tags": ["x_refsource_MISC"], "url": "http://sources.gentoo.org/viewcvs.py/gentoo/src/patchsets/glibc/2.5/1600_all_glibc-hwcap-mask-secure.patch?rev=1.1&view=markup"}], "tags": ["disputed"], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-3508", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "** DISPUTED ** Integer overflow in the process_envvars function in elf/rtld.c in glibc before 2.5-rc4 might allow local users to execute arbitrary code via a large LD_HWCAP_MASK environment variable value. NOTE: the glibc maintainers state that they do not believe that this issue is exploitable for code execution."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "24758", "refsource": "BID", "url": "http://www.securityfocus.com/bid/24758"}, {"name": "http://bugs.gentoo.org/show_bug.cgi?id=183844", "refsource": "CONFIRM", "url": "http://bugs.gentoo.org/show_bug.cgi?id=183844"}, {"name": "[libc-hacker] [PATCH] Fix LD_HWCAP_MASK handling", "refsource": "MLIST", "url": "http://www.sourceware.org/ml/libc-hacker/2007-07/msg00001.html"}, {"name": "ADV-2007-2418", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/2418"}, {"name": "glibc-envvars-overflow(35240)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35240"}, {"name": "37901", "refsource": "OSVDB", "url": "http://osvdb.org/37901"}, {"name": "1018334", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1018334"}, {"name": "25864", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25864"}, {"name": "GLSA-200707-04", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200707-04.xml"}, {"name": "http://sources.gentoo.org/viewcvs.py/gentoo/src/patchsets/glibc/2.5/1600_all_glibc-hwcap-mask-secure.patch?rev=1.1&view=markup", "refsource": "MISC", "url": "http://sources.gentoo.org/viewcvs.py/gentoo/src/patchsets/glibc/2.5/1600_all_glibc-hwcap-mask-secure.patch?rev=1.1&view=markup"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T14:21:36.462Z"}, "title": "CVE Program Container", "references": [{"name": "24758", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/24758"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://bugs.gentoo.org/show_bug.cgi?id=183844"}, {"name": "[libc-hacker] [PATCH] Fix LD_HWCAP_MASK handling", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.sourceware.org/ml/libc-hacker/2007-07/msg00001.html"}, {"name": "ADV-2007-2418", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/2418"}, {"name": "glibc-envvars-overflow(35240)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35240"}, {"name": "37901", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/37901"}, {"name": "1018334", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1018334"}, {"name": "25864", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25864"}, {"name": "GLSA-200707-04", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-200707-04.xml"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://sources.gentoo.org/viewcvs.py/gentoo/src/patchsets/glibc/2.5/1600_all_glibc-hwcap-mask-secure.patch?rev=1.1&view=markup"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-3508", "datePublished": "2007-07-03T21:00:00", "dateReserved": "2007-07-02T00:00:00", "dateUpdated": "2024-08-07T14:21:36.462Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gentoo:glibc:*:r3:*:*:*:*:*:*", "matchCriteriaId": "FCFCAD2C-EC8C-4919-92C5-43C0839D53F7", "versionEndIncluding": "2.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [{"sourceIdentifier": "cve@mitre.org", "tags": ["disputed"]}], "descriptions": [{"lang": "en", "value": "Integer overflow in the process_envvars function in elf/rtld.c in glibc before 2.5-rc4 might allow local users to execute arbitrary code via a large LD_HWCAP_MASK environment variable value. NOTE: the glibc maintainers state that they do not believe that this issue is exploitable for code execution"}, {"lang": "es", "value": "** EN DISPUTA ** Desbordamiento de enteros en la funci\u00f3n process_envvars en elf/rtld.c de glibc en versiones anteriores a la 2.5-rc4 permite a usuarios locales ejecutar c\u00f3digo arbitrario mediante un valor grande de la variable de entorno LD_HWCAP_MASK. NOTA: los mantenedores de glibc aseguran que no creen que esta cuesti\u00f3n sea vulnerable a trav\u00e9s de la ejecuci\u00f3n de c\u00f3digo."}], "id": "CVE-2007-3508", "lastModified": "2024-08-07T15:15:32.720", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-07-03T21:30:00.000", "references": [{"source": "cve@mitre.org", "url": "http://bugs.gentoo.org/show_bug.cgi?id=183844"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/37901"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/25864"}, {"source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200707-04.xml"}, {"source": "cve@mitre.org", "url": "http://sources.gentoo.org/viewcvs.py/gentoo/src/patchsets/glibc/2.5/1600_all_glibc-hwcap-mask-secure.patch?rev=1.1&view=markup"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/24758"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1018334"}, {"source": "cve@mitre.org", "url": "http://www.sourceware.org/ml/libc-hacker/2007-07/msg00001.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/2418"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35240"}], "sourceIdentifier": "cve@mitre.org", "vendorComments": [{"comment": "Based on the analysis of Red Hat and several Glibc developers, Mandriva does not believe this to be exploitable.", "lastModified": "2007-09-17T00:00:00", "organization": "Mandriva"}, {"comment": "After careful analysis by Red Hat and several Glibc developers, it has been determined that this bug is not exploitable.\n\nFor more information please see Red Hat Bugzilla bug #247208\nhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=247208", "lastModified": "2007-07-05T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-189"}], "source": "nvd@nist.gov", "type": "Primary"}]}